Overview

URL tomeandtext.com/categories/relationships/harry-potter/harry-potter%7Cron-weasley
IP74.208.195.81
ASNAS8560 1&1 Internet AG
Location United States
Report completed2018-10-12 18:20:24 CEST
StatusLoading report..
urlquery Alerts Crypto currency mining script


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-10-12 2 tomeandtext.com/categories/relationships/harry-potter/harry-potter%7Cron-weasley Malware
2018-10-12 2 www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron- (...) Malware
2018-10-12 2 www.textandtome.com/sites/default/files/js/js_vSmhpx_T-AShyt_WMW5_TcwwxJP1i (...) Malware
2018-10-12 2 www.textandtome.com/sites/default/files/js/js_COMsmDyrY9mzVU28X2uGvF4Ba3vd5 (...) Malware
2018-10-12 2 www.textandtome.com/sites/default/files/js/js_QP4tAAEIN5rDjDSoA2aGSvAF1ViH2 (...) Malware
2018-10-12 2 www.textandtome.com/sites/default/files/js/js_Gq_NpNXAXaOa7ubDY9NzmQGDFzAkS (...) Malware
2018-10-12 2 coinhive.com/lib/coinhive.min.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 74.208.195.81

Date UQ / IDS / BL URL IP
2018-12-14 22:25:57 +0100
2 - 0 - 6 www.schomestead.com/articles/garden-primer 74.208.195.81
2018-12-14 20:20:43 +0100
2 - 0 - 7 schomestead.com/articles/garden-primer 74.208.195.81
2018-12-04 22:46:06 +0100
2 - 0 - 6 www.schomestead.com/articles/bio-char 74.208.195.81
2018-12-03 23:33:37 +0100
2 - 1 - 6 www.schomestead.com/articles/bio-char 74.208.195.81
2018-11-25 15:10:22 +0100
2 - 1 - 6 www.schomestead.com/category/wild-game 74.208.195.81
2018-11-25 15:10:14 +0100
2 - 1 - 6 www.schomestead.com/articles/biochar-and-supp (...) 74.208.195.81
2018-11-25 13:46:43 +0100
2 - 0 - 6 www.schomestead.com/articles/better-boy-tomatoes 74.208.195.81
2018-11-24 22:34:59 +0100
2 - 0 - 7 schomestead.com/articles/biochar-and-supper-part-2 74.208.195.81
2018-11-24 22:34:36 +0100
2 - 0 - 6 www.schomestead.com/articles/biochar-and-supp (...) 74.208.195.81
2018-11-24 13:18:23 +0100
2 - 1 - 6 www.schomestead.com/category/wild-game 74.208.195.81

Last 10 reports on ASN: AS8560 1&1 Internet AG

Date UQ / IDS / BL URL IP
2018-12-18 19:03:27 +0100
0 - 0 - 1 computerservice-filip.de/plaintext/0000019864 (...) 217.160.0.219
2018-12-18 18:37:56 +0100
0 - 0 - 2 tapnprint.co.uk/SmartNet/eventer/patches/Airp (...) 88.208.252.229
2018-12-18 18:37:42 +0100
0 - 0 - 1 groupcreatedt.at/frei1.bin 87.106.18.141
2018-12-18 18:35:27 +0100
0 - 0 - 1 cheating.de/trainer/2008/silent_hill_homecomi (...) 217.160.0.181
2018-12-18 18:09:13 +0100
0 - 0 - 0 download.geomarketing.de/servicepack/EasyMap_ (...) 217.160.0.165
2018-12-18 17:49:30 +0100
0 - 0 - 4 dorstalgie.de/ 217.160.0.149
2018-12-18 17:33:23 +0100
0 - 0 - 2 latoile.monarchiste.com/ 212.227.54.186
2018-12-18 17:20:38 +0100
0 - 0 - 2 stationhoteldudley.co.uk/ 109.228.49.138
2018-12-18 17:10:57 +0100
0 - 0 - 5 desktopconnect.co.uk/ 77.68.15.31
2018-12-18 17:08:07 +0100
0 - 0 - 1 www.marcusbonfanti.com/tag/tour-dates/ 217.160.122.254

Last 10 reports on domain: tomeandtext.com

Date UQ / IDS / BL URL IP
2018-11-28 15:18:52 +0100
2 - 0 - 8 tomeandtext.com/categories/characters/harry-p (...) 34.207.151.208
2018-10-12 16:56:38 +0200
2 - 0 - 7 tomeandtext.com/categories/tags 74.208.195.81
2018-10-05 20:24:53 +0200
2 - 0 - 7 tomeandtext.com/categories/relationships/harr (...) 74.208.195.81
2018-08-15 19:17:30 +0200
2 - 0 - 7 tomeandtext.com/categories/relationships/harr (...) 74.208.195.81
2018-08-15 19:17:04 +0200
2 - 0 - 7 tomeandtext.com/categories/relationships/harr (...) 74.208.195.81
2018-08-15 19:15:57 +0200
2 - 0 - 7 tomeandtext.com/categories/relationships/harr (...) 74.208.195.81
2018-08-14 06:35:23 +0200
2 - 0 - 7 tomeandtext.com/categories/relationships/harr (...) 74.208.195.81
2018-08-14 06:33:45 +0200
2 - 0 - 7 tomeandtext.com/categories/relationships/harr (...) 74.208.195.81
2018-08-08 13:40:46 +0200
2 - 0 - 7 tomeandtext.com/stories/harry-potter/local/22 (...) 74.208.195.81
2018-06-25 10:52:10 +0200
2 - 0 - 7 tomeandtext.com/categories/characters 74.208.195.81


JavaScript

Executed Scripts (17)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (41)


Request Response
                                        
                                            GET /categories/relationships/harry-potter/harry-potter%7Cron-weasley HTTP/1.1 
Host: tomeandtext.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         74.208.195.81
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 178
Connection: keep-alive
Location: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /categories/relationships/harry-potter/harry-potter|ron-weasley HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16, PleskLin
X-Drupal-Cache: HIT
Strict-Transport-Security: max-age=400
Content-Language: en
X-Frame-Options: SAMEORIGIN
X-Generator: Text And Tome
Link: <http://www.textandtome.com/categories/relationships/harry-potter/harry-potter%7Cron-weasley>; rel="canonical",<http://www.textandtome.com/taxonomy/term/571>; rel="shortlink"
Cache-Control: public, max-age=900
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie,Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Etag: "1539349458-1"
Last-Modified: Fri, 12 Oct 2018 13:04:18 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   6444
Md5:    ad2f33c9cae9827558876cd0da25390e
Sha1:   ce0f77d6303f31becafd1a6170bd892830120dcf
Sha256: 300e591167ce5a8179eb9198b847a9e9b500569c1d928ef20ec00bb5f64e4541

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         172.217.21.170
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 32954
Date: Thu, 27 Sep 2018 19:02:37 GMT
Expires: Fri, 27 Sep 2019 19:02:37 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 1286233


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   32954
Md5:    68263720f8747715639ad6a9020dd9fa
Sha1:   121c84759a7366e4a22da1c55f07bd25a3c3a6d9
Sha256: 8632e8030f860c40b4fef513a33ef06ba067b682d461e27d4ed4ff15ee87c836
                                        
                                            GET /comfortaa:n7,n4.js HTTP/1.1 
Host: use.edgefonts.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         23.43.132.224
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Server: nginx
Status: 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Length: 9211
Date: Fri, 12 Oct 2018 16:19:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   9211
Md5:    ce0249cbe0a53aece5ce4aa107aeee16
Sha1:   1b9a29037bbaf339f3f0a876d4a75a1d5286c94d
Sha256: 5dc4a6e0d804cfcf928413d45a56e2b0f2e5b714fe163a50cbb7931f30b803bc
                                        
                                            GET /pagead/show_ads.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 12 Oct 2018 16:19:50 GMT
Expires: Fri, 12 Oct 2018 16:19:50 GMT
Cache-Control: private, max-age=3600
Etag: 14942573533005944739
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 20540
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   20540
Md5:    52fd919d9a1d0befb89500ee7460048a
Sha1:   ad3e60245e3edf26972dd492079c1826ec090de7
Sha256: e8c68aeeae9618b20b1fbf3495ef13acd15eec748fda0e12a9f8728ea2356918
                                        
                                            GET /sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 2217
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:36 GMT
Etag: "8a9-576e8d4acb644"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2217
Md5:    33785a199ae1f6968734504d91ee9a06
Sha1:   f82e3f4afea96f4a89dfaf3389f467488acce16f
Sha256: 19b6b1c8b0ffd1d96b08e55f73d7ab8a26b7f5cce39ae784acf72b50aa92465c
                                        
                                            GET /sites/default/files/css/css_bxJrYnkJZaBzNGSsuyBROFO3IMeAJEGNBVDda-gCFzA.css HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 2004
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 07 Oct 2018 06:37:53 GMT
Etag: "7d4-5779dbe81b500"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2004
Md5:    988d32cd43eb0f3628f16b25cb5cf80d
Sha1:   cc0056abaf22a6224ef171599d75499ac0a74e55
Sha256: cabd18360edb080ef240c87bee52e3d6347d02980aebe079fe6f0c046da2aec4
                                        
                                            GET /sites/default/files/css/css_o2vBDuR-QARpAEVlwq0RKqPtEhphz0fvaRyjwWx3VyM.css HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 2860
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:46 GMT
Etag: "b2c-576e8d544fb4c"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2860
Md5:    77b754fbe0175ac7d1dfaa37e992ae43
Sha1:   4a2ae07c1a773118e11962962c1cb2404fa0ecae
Sha256: 890227faab385d9861b8d1189c5339ae67a6d2cf023cd7874257381c9cd8cf7b
                                        
                                            GET /sites/default/files/css/css_NETuA2LZ2i62Y9PB3zu3pWbYeupieGZUZGannR2rNWY.css HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 584
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:46 GMT
Etag: "248-576e8d545419c"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   584
Md5:    c16d4aac0cf6be33fa59cbe37984edb7
Sha1:   734568549f7d2ff5ec600fea36be7de860f7cf55
Sha256: 62470409ef1321d049da46650e0052a334ee9bbfb9713a75087c4c483d38cbac
                                        
                                            GET /sites/default/files/css/css_oSZdkEPgoLlbXPBTmB8sdELaLxGRBF7hLqGI3KLSOZ8.css HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 432
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:46 GMT
Etag: "1b0-576e8d5451e74"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   432
Md5:    daa7a3abaa9d11422b26c704a78e9670
Sha1:   6f62bfe21de81822c9449b921161af09571392e1
Sha256: a555e561a00553edbc0b36dc609be956f4595c67192d3483846b0d11a9abc16a
                                        
                                            GET /sites/default/files/css/css_x_cHdZK9XFUs0SvqZyIDwehEX8aBe19uGVGWZzckaqo.css HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 86
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:46 GMT
Etag: "56-576e8d5452e14"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   86
Md5:    3bf6fb694dfd8865f2bf4738f82d1f08
Sha1:   074ed951c490b14097bd2d8bb291d2bdc7fd52ab
Sha256: 6b88ce5394f0704f5b6d82cf75d11438455edc64d8ff7d8ab7da113b1cf541eb
                                        
                                            GET /sites/default/files/css/css_MmGrNYhX2MJBBkxNJhP1EKtYiw0PaWT2aMifAXfpBtI.css HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 4919
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:46 GMT
Etag: "1337-576e8d54587ec"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   4919
Md5:    f9005fa415e0ba95ee45dfd702e80265
Sha1:   55d6aa0f93fca22feaad48f06df8da6cbaa8fb28
Sha256: 8058d5eb5568a0bffa8a535f3bc97db5e93ecbd90e93fef188555b4ab51fefce
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 07 Oct 2018 01:21:31 GMT
Etag: EB50C806959B9568C8D682E5B68E87320AB669B0
X-OCSP-Responder-ID: rmdccaocsp17
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=118327
Expires: Sun, 14 Oct 2018 01:11:57 GMT
Date: Fri, 12 Oct 2018 16:19:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    54cdf1ee222e89442d5cb163a14ac732
Sha1:   eb50c806959b9568c8d682e5b68e87320ab669b0
Sha256: 4479274fbd14eb22f09401da01d08d64afc45f49034ccf3e66123eda1b7616d3
                                        
                                            GET /sites/default/files/js/js_vSmhpx_T-AShyt_WMW5_TcwwxJP1imoVOa8jvwL_mxE.js HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 7779
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 23 Sep 2018 06:52:04 GMT
Etag: "1e63-576844f75d930"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   7779
Md5:    60e3b889e07864b6f3112962b4c8613c
Sha1:   dd3cd004f9f0c87cd846a3c8800110936ffe9ff6
Sha256: 517de396ad71d49a7b72749f15c2422e91a4adfcfe7274611641b5395d014a16

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/js/js_COMsmDyrY9mzVU28X2uGvF4Ba3vd5eTo5xEO7dvCUZM.js HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 233
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:36 GMT
Etag: "e9-576e8d4ad0464"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   233
Md5:    4aa1f193a9d896cfb5bfbfab98875f87
Sha1:   bf6aaf092a8582508713870a1c75401a6134ee48
Sha256: ef3961b3cc15e080038a2383f49f4108aeac7bfbc300499f57d41e16e2bedfb4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/js/js_QP4tAAEIN5rDjDSoA2aGSvAF1ViH2yhKRsCmpjv_Zls.js HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 2208
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 Sep 2018 06:45:17 GMT
Etag: "8a0-576fcea39391e"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2208
Md5:    f5459f445ab913db03da7b55fd9ca484
Sha1:   13abf33ab04938dbd477cebd589df89d1a9ea6a7
Sha256: 9f501edba9484c6f178d4ca50af2edb766a00f53029a74d5e8d8a111227dedf7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/js/js_Gq_NpNXAXaOa7ubDY9NzmQGDFzAkSZ4rrj8EtW_91eQ.js HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 8566
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 06:47:46 GMT
Etag: "2176-576e8d54568ac"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   8566
Md5:    7c998fdb014437c38f23c8ca655218c2
Sha1:   f4f215a11bae486fea7a93a9a02427e6b46d0744
Sha256: cd3df84120da03a443b70c9717c207826c5fe60cf7bc34bc31e430663e203d8d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/color/mayo-4e12a262/logo.png HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 3518
Last-Modified: Mon, 25 Jan 2016 22:25:57 GMT
Connection: keep-alive
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Etag: "56a6a0f5-dbe"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 60 x 60, 8-bit/color RGBA, non-interlaced
Size:   3518
Md5:    430e039e503d91296c5637f314c051ac
Sha1:   7b950a9242acb86e057f88652784d7db08ab27bf
Sha256: 9543c9e7f36623e1061835b849b92c257118347f2b7ea87718bb518e5ba8b3bb
                                        
                                            GET /misc/feed.png HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 656
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Accel-Version: 0.01
Last-Modified: Wed, 25 Apr 2018 15:32:27 GMT
Etag: "290-56aadfa6eb8c0"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit colormap, non-interlaced
Size:   656
Md5:    4100d083f16434aa3e1153edc67d2ce5
Sha1:   da8a0e2fcfb2a9264e9456f860bbf1462da6128e
Sha256: 1f5390ba839b6b659b177dd4273197b0e8b4d60e45444972c966831a7f70d34f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 08 Oct 2018 09:27:34 GMT
Etag: 99401F8BD467D90F886179C64493E78DA9B8E4C5
X-OCSP-Responder-ID: rmdccaocsp13
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=233915
Expires: Mon, 15 Oct 2018 09:18:25 GMT
Date: Fri, 12 Oct 2018 16:19:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    d9b08f335c6577b244c88529169de9ed
Sha1:   99401f8bd467d90f886179c64493e78da9b8e4c5
Sha256: 9fb86e028f68b7b471041d512b8351fae7184d1c6d11d41eaa0a1dda673ff62a
                                        
                                            GET /misc/favicon.ico HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:50 GMT
Content-Length: 5430
Last-Modified: Wed, 25 Apr 2018 15:32:27 GMT
Connection: keep-alive
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:50 GMT
Etag: "5ae09f8b-1536"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 256-colors
Size:   5430
Md5:    cf2445dcb53a031c02f9b57e2199bc03
Sha1:   f8efd1a86c0b81e52f8e245eebfaa2e1a2de119d
Sha256: 35776c26f02597e25423068a5eb99bc282dffe8e4af09036819b69e6856b1815
                                        
                                            GET /sites/all/themes/mayo/images/black-menu.png HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/sites/default/files/css/css_NETuA2LZ2i62Y9PB3zu3pWbYeupieGZUZGannR2rNWY.css
Cookie: has_js=1

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:51 GMT
Content-Length: 390
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Accel-Version: 0.01
Last-Modified: Mon, 25 Jan 2016 22:25:57 GMT
Etag: "186-52a300d84de8e"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:51 GMT
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  PNG image, 8 x 60, 8-bit/color RGB, non-interlaced
Size:   390
Md5:    dc36218160be0adff947737d03427c37
Sha1:   cf6112691c9e8a6d31aa2d620572806700c227cd
Sha256: fc6fe6a0b6710ffcfd073154317ed6e10f3a8daf56053d5a8af5f3cbca620319
                                        
                                            GET /sites/all/themes/mayo/images/search.png HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/sites/default/files/css/css_MmGrNYhX2MJBBkxNJhP1EKtYiw0PaWT2aMifAXfpBtI.css
Cookie: has_js=1

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:51 GMT
Content-Length: 481
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Accel-Version: 0.01
Last-Modified: Mon, 25 Jan 2016 22:25:57 GMT
Etag: "1e1-52a300d84de8e"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:51 GMT
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  PNG image, 21 x 21, 8-bit/color RGBA, non-interlaced
Size:   481
Md5:    13b28eadc836d987899e6f35280f2280
Sha1:   9160c464ad38a195ea7709f03419814535e7a208
Sha256: dc8b2e3c921d2a669967ba8c1d4d5a93159d6a0548d38c231b21590be22ffbd0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 08 Oct 2018 09:27:34 GMT
Etag: 090C34B232998ED0CB442389A283D60A7212687C
X-OCSP-Responder-ID: rmdccaocsp19
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=233910
Expires: Mon, 15 Oct 2018 09:18:21 GMT
Date: Fri, 12 Oct 2018 16:19:51 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    918e7ad6efba9cd193ede3de6438f9b1
Sha1:   090c34b232998ed0cb442389a283d60a7212687c
Sha256: ff1641777dd048546458ac7b135f68cda235fd5d2e4dc8b9cb1c9bfa51ef30ec
                                        
                                            GET /lib/coinhive.min.js HTTP/1.1 
Host: coinhive.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         104.20.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 12 Oct 2018 16:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da7c52660d5bede7c27a46499dafc6d391539361191; expires=Sat, 12-Oct-19 16:19:51 GMT; path=/; domain=.coinhive.com; HttpOnly
Last-Modified: Wed, 11 Apr 2018 09:51:50 GMT
Etag: W/"5acddab6-40063"
Expires: Sat, 13 Oct 2018 00:19:51 GMT
Cache-Control: public, max-age=28800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 468ae3f72d1142a9-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   68258
Md5:    aace5e5a34519cdd9c971d57f21e5d82
Sha1:   ceecd09dbe85c771648f2ce6942fe9707c6f31f4
Sha256: ef2f23c272fb07e8e93f26cf6051bd2c3d377cf54e2431f9fdd6666852749e62

Alerts:
  urlquery:
    - Crypto currency mining script
  Blacklists:
    - fortinet: Malware
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 16:19:51 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ec20ce3c9c5b551497b535e330595881
Sha1:   4c97bb9833c5091b9193b151592d8208eb24128b
Sha256: 517619e44b5143b18f39fc9ad9c3acc3a78882a05656763281b42eca29652a3c
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 16:19:51 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 16:19:51 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d376749708396e24297eadb072abf63b
Sha1:   54a0c5bc69f37a06c668bcf47df09f916cf54742
Sha256: d478d8512c0dd30e34435454806e6f1981bcab1a142d259b7efe7f897c2498e7
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 16:19:51 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    4eb04fe4aad18239aec4c4b9c75809b8
Sha1:   36d7c7b4867974fa8fec28b0794707a26254321c
Sha256: efea6acb156042bff03a46caf2a599b8711e0fbc98d980c5760af680ed4a0e0b
                                        
                                            GET /adsid/integrator.js?domain=www.textandtome.com HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Fri, 12 Oct 2018 16:19:51 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 16:19:51 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    72065cc0905109f0da7667340c06f338
Sha1:   0c8bdd4ecfef4bcb9efd9c469a2a80fcd5ddc46e
Sha256: a5c68cb747639fd4d878dc272cac14a221f339cb4e759008533f8325e81e0e02
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=169847
Date: Fri, 12 Oct 2018 16:19:51 GMT
Etag: "5bc0a69d-1d7"
Expires: Sun, 14 Oct 2018 15:30:38 GMT
Last-Modified: Fri, 12 Oct 2018 13:50:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d0850e7a1451bd242bf2bb592bb9b445
Sha1:   3515b3269c32e739142e8d1707074340757c0ada
Sha256: 7fc44d5d9ebeee8ec39ee975450dc31751767c8462d338a4a9a9b952fe458090
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=163328
Date: Fri, 12 Oct 2018 16:19:51 GMT
Etag: "5bc091cb-1d7"
Expires: Sun, 14 Oct 2018 13:41:59 GMT
Last-Modified: Fri, 12 Oct 2018 12:21:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8e86adecab5700e34462e26170e25e71
Sha1:   041025a47da9691c54fb6f15eb4e33c381967241
Sha256: 88185c50e3b1635a0306cd32ba832a3edae79f9d3824ea08afc9181f1be84a49
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Fri, 12 Oct 2018 15:23:13 GMT
Expires: Fri, 12 Oct 2018 17:23:13 GMT
Last-Modified: Thu, 11 Oct 2018 19:41:26 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17301
Cache-Control: public, max-age=7200
Age: 3398
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17301
Md5:    19b0f85b8b4b117274aff1ad8310ec11
Sha1:   695835c290fa5a0df4179f6939d3f62ab2af07d2
Sha256: 065250fb7caf1c4930fe4b2088d37fe31fc160b9f8c3e5644ded5348ea8e59ec
                                        
                                            GET /adsid/integrator.js?domain=www.textandtome.com HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Fri, 12 Oct 2018 16:19:51 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /pub-config/r20160913/ca-pub-3713326668133593.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Fri, 12 Oct 2018 16:19:52 GMT
Expires: Sat, 13 Oct 2018 04:19:52 GMT
Cache-Control: public, max-age=43200
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
Content-Length: 88
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   88
Md5:    447300cfe76a026545c27482e7ada077
Sha1:   995fa7efb4f9b8be29ea4c3c69a361e0a1f27ba1
Sha256: 994d8a1f3b94c1b503343b827ffd37a0a2a50015d48a054812591825cc305a40
                                        
                                            GET /collect?v=1&_v=j71&a=1227025295&t=pageview&_s=1&dl=http%3A%2F%2Fwww.textandtome.com%2Fcategories%2Frelationships%2Fharry-potter%2Fharry-potter%7Cron-weasley&ul=en-us&de=UTF-8&dt=Harry%20Potter%7CRon%20Weasley%20%7C%20TextAndTome.com&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=YGBAiEQAB~&jid=875973948&gjid=805899070&cid=1042004644.1539361192&tid=UA-49490049-1&_gid=366442621.1539361192&cm1=0&z=1757455421 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Thu, 11 Oct 2018 13:48:09 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 95503
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /c/680f5d/1w;comfortaa,2,Wph:W:n4,Wpk:W:n7/d HTTP/1.1 
Host: use.edgefonts.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         23.43.132.224
HTTP/1.1 200 OK
Content-Type: text/css;charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Content-Encoding: gzip
Server: nginx
Status: 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Length: 32685
Date: Fri, 12 Oct 2018 16:19:52 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   32685
Md5:    78345cb3917810bf8200386104ceabe5
Sha1:   79574dc52e4038ef2fbe9dc210eee56fcac009d5
Sha256: b3e6ba7818225eb8e6e07873ab60c205ad6c294cfc5fae2cf1cae435fcb55c0c
                                        
                                            GET /r/collect?t=dc&aip=1&_r=3&v=1&_v=j71&tid=UA-49490049-1&cid=1042004644.1539361192&jid=875973948&gjid=805899070&_gid=366442621.1539361192&_u=YGBAiEQAB~&z=1452345446 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         64.233.162.157
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Fri, 12 Oct 2018 16:19:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /sites/all/libraries/superfish/images/arrows-ffffff.png HTTP/1.1 
Host: www.textandtome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/sites/default/files/css/css_bxJrYnkJZaBzNGSsuyBROFO3IMeAJEGNBVDda-gCFzA.css
Cookie: has_js=1; _ga=GA1.2.1042004644.1539361192; _gid=GA1.2.366442621.1539361192; _gat=1

                                         
                                         74.208.195.81
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 12 Oct 2018 16:19:52 GMT
Content-Length: 250
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Accel-Version: 0.01
Last-Modified: Mon, 25 Jan 2016 22:25:57 GMT
Etag: "fa-52a300d86cea8"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Fri, 26 Oct 2018 16:19:52 GMT
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  PNG image, 20 x 110, 8-bit/color RGBA, non-interlaced
Size:   250
Md5:    6d3582c2bd244539e8ba38e0e8df161d
Sha1:   b7ae7b9ac1f43424fcd34aa6012542e1595c8528
Sha256: 2ea87d332edda7bc80411d7bcfe5e25bb068fbfd5b0efc6383e4a753089b823c
                                        
                                            GET /p.gif?s=4&k=&app=&ht=tk&h=www.textandtome.com&f=16102.16100&a=&sl=280&fl=1597&dc=true&js=1.14.9&_=1539361192802 HTTP/1.1 
Host: p.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.textandtome.com/categories/relationships/harry-potter/harry-potter|ron-weasley

                                         
                                         23.43.132.224
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Etag: "5ad6aefe-23"
Expires: Fri, 29 Jun 2018 19:51:34 GMT
Last-Modified: Wed, 18 Apr 2018 02:35:42 GMT
Server: nginx
Content-Length: 35
Date: Fri, 12 Oct 2018 16:19:52 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    81144d75b3e69e9aa2fa3e9d83a64d03
Sha1:   f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
Sha256: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39