Overview

URL 1001-life-insurances.blogspot.com.br/search/label/Once
IP173.194.221.132
ASNAS15169 Google Inc.
Location United States
Report completed2017-10-11 09:12:07 CEST
StatusLoading report..
urlquery Alerts Crypto currency mining script


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2017-10-11 09:11:41 CEST 1  94.130.129.243 Client IP ET POLICY Request for Coinhive Browser Monero Miner M2


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-10-11 2 1001-life-insurances.blogspot.com.br/search/label/Once Malware
2017-10-11 2 1001-life-insurances.blogspot.no/search/label/Once Malware
2017-10-11 2 1001-life-insurances.blogspot.no/search/label/Once Malware
2017-10-11 2 coinhive.com/lib/coinhive.min.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 173.194.221.132

Date UQ / IDS / BL URL IP
2017-11-17 16:50:14 +0100
0 - 0 - 3 www.harry-judd-attitude-news.blogspot.com/sea (...) 173.194.221.132
2017-11-17 16:35:32 +0100
0 - 0 - 3 www.overshadowoversight2110.blogspot.mx/2011/ (...) 173.194.221.132
2017-11-17 16:34:38 +0100
0 - 0 - 2 fwdowns.blogspot.ru/2011/03/norton-360-2011-5 (...) 173.194.221.132
2017-11-17 16:31:40 +0100
0 - 0 - 6 the-junker.blogspot.ru/2012/04/tumbuhan-mampu (...) 173.194.221.132
2017-11-17 16:31:25 +0100
0 - 0 - 2 topaflam2017.blogspot.com.es/2017/08/spider-m (...) 173.194.221.132
2017-11-17 16:16:48 +0100
0 - 0 - 3 www.josh-morgan-subways-news.blogspot.in/sear (...) 173.194.221.132
2017-11-17 16:16:32 +0100
0 - 0 - 2 josh-morgan-subways-news.blogspot.mx/2011/10/ (...) 173.194.221.132
2017-11-14 17:15:02 +0100
0 - 0 - 3 alindaenua.blogspot.com.tr/2012/03/elle-alexa (...) 173.194.221.132
2017-11-14 17:15:01 +0100
0 - 0 - 3 alindaenua.blogspot.com.tr/2012/03/alyssa-mar (...) 173.194.221.132
2017-11-14 17:12:22 +0100
0 - 0 - 2 aerytyre.blogspot.com.tr/2014/08/sold-motorcy (...) 173.194.221.132

Last 10 reports on ASN: AS15169 Google Inc.

Date UQ / IDS / BL URL IP
2017-12-13 20:54:39 +0100
0 - 0 - 2 nanda-gregorio.blogspot.de/ 209.85.233.132
2017-12-13 20:54:21 +0100
0 - 0 - 0 172.217.9.206 172.217.9.206
2017-12-13 20:52:07 +0100
0 - 0 - 2 membangun-rumah8870.blogspot.com/ 209.85.233.132
2017-12-13 20:48:40 +0100
0 - 0 - 0 google.de 216.58.211.131
2017-12-13 20:48:28 +0100
0 - 0 - 2 petisaasancristobal.blogspot.com.es/ 209.85.233.132
2017-12-13 20:46:25 +0100
0 - 1 - 0 regretfulcaps.blogspot.jp/ 209.85.233.132
2017-12-13 20:43:08 +0100
0 - 0 - 1 asissyatheart.blogspot.de/2012/11/emma-glover (...) 209.85.233.132
2017-12-13 20:42:24 +0100
0 - 0 - 1 bocagulosa2.blogspot.de/2012/09/valentina-and (...) 209.85.233.132
2017-12-13 20:41:45 +0100
0 - 0 - 1 thecreationfallacy.blogspot.de/2012/06/jaime- (...) 209.85.233.132
2017-12-13 20:41:30 +0100
0 - 0 - 1 asissyatheart.blogspot.de/2010/11/jersey-shor (...) 209.85.233.132

Last 9 reports on domain: 1001-life-insurances.blogspot.com.br

Date UQ / IDS / BL URL IP
2017-11-23 09:46:50 +0100
2 - 1 - 5 1001-life-insurances.blogspot.com.br/ 216.58.211.129
2017-11-10 09:42:57 +0100
2 - 0 - 6 1001-life-insurances.blogspot.com.br/ 172.217.22.161
2017-10-29 08:44:05 +0100
2 - 1 - 6 1001-life-insurances.blogspot.com.br/ 74.125.205.132
2017-10-23 13:18:05 +0200
2 - 1 - 5 1001-life-insurances.blogspot.com.br/ 172.217.22.161
2017-10-16 09:28:07 +0200
2 - 1 - 5 1001-life-insurances.blogspot.com.br/ 172.217.22.161
2017-10-13 00:59:35 +0200
2 - 1 - 5 1001-life-insurances.blogspot.com.br/search 172.217.22.161
2017-10-11 09:12:14 +0200
2 - 1 - 5 1001-life-insurances.blogspot.com.br/search/l (...) 173.194.221.132
2017-10-11 09:12:12 +0200
2 - 1 - 5 1001-life-insurances.blogspot.com.br/search/l (...) 173.194.221.132
2017-10-11 09:12:06 +0200
2 - 1 - 5 1001-life-insurances.blogspot.com.br/search/l (...) 173.194.221.132


JavaScript

Executed Scripts (37)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 146, repeated: 1) - SHA256: 275d6bd438419a738280b8f4e67ceb5c87645a718bfd0d973331dd1afcf5cfe9

                                        < img src = "<!--Can't find substitution for tag [post.thumbnailUrl]-->"
alt = "Sandra Romain Never EVER Took On Two Guys At Once. She&#39;s Usually" / >
                                    

#2 JavaScript::Write (size: 159, repeated: 1) - SHA256: 84618a4a6982b20131ab82be1f0a98b1bf83c57ee7a0489fdbd128e576b54ee1

                                        < script src = "/feeds/posts/summary/-/http://1001-life-insurances.blogspot.no/search/label/?alt=json-in-script&callback=hitungtotaldata&max-results=1" > < /script>
                                    


HTTP Transactions (59)


Request Response
                                        
                                            GET /search/label/Once HTTP/1.1 
Host: 1001-life-insurances.blogspot.com.br
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         173.194.221.132
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://1001-life-insurances.blogspot.no/search/label/Once
Content-Encoding: gzip
Date: Wed, 11 Oct 2017 07:11:32 GMT
Expires: Wed, 11 Oct 2017 07:11:32 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 196
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   196
Md5:    4bc22a243035c463aa669313afc0675c
Sha1:   8945c08bac144cb0141b1be792d7c07a174f1ce2
Sha256: eed7562a80d78ca664e71861900ea16d321ca809382e0c890bbc0069aca18591

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /search/label/Once HTTP/1.1 
Host: 1001-life-insurances.blogspot.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         173.194.221.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Wed, 11 Oct 2017 07:11:32 GMT
Date: Wed, 11 Oct 2017 07:11:32 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 23 Jul 2017 09:58:35 GMT
Etag: W/"aeef99a8903767175deb12c02f9fbe0787f9fa31aaba8834a5ca1d464063413d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 43011
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   43011
Md5:    c9fc6640dc76272a64af23b2eca5e7ef
Sha1:   c83ccc79283f859bf1288defaf1a1bdf85e53080
Sha256: 8cefe64e2e9e2c2656136b24809802ff2120ec42b82a749a1af8656ba99e599f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /css/graddit.css HTTP/1.1 
Host: static.graddit.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         104.28.9.76
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 11 Oct 2017 07:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd6a5998d86d7d5bf32c69a53bfd16c851507705893; expires=Thu, 11-Oct-18 07:11:33 GMT; path=/; domain=.graddit.com; HttpOnly
Last-Modified: Sat, 25 Apr 2015 17:20:22 GMT
Etag: W/"553bccd6-314b"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 11 Oct 2017 09:11:33 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 3ac0018955504261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2337
Md5:    dfa0daa25e78200e40f9571312ec9ae5
Sha1:   568ffde7fb25a6263e31bfa58df1dab40cf8833b
Sha256: 803a55513376be5fab56f6faa9eb38fb8dae0bc428867b15fd59c6c95fedf2e7
                                        
                                            GET /css?family=Oswald HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         173.194.221.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Wed, 11 Oct 2017 07:11:33 GMT
Date: Wed, 11 Oct 2017 07:11:33 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   190
Md5:    32e1eea4c1b428f40572fa2a8e54317b
Sha1:   b436223090a443f588d8830da7b2b88fece1e19f
Sha256: 95692d6b07c607d5f0d74c51ce2b82ba54a834b48981d107f37c9d51d8a75602
                                        
                                            GET /css?family=PT+Sans+Narrow HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         173.194.221.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Wed, 11 Oct 2017 07:11:33 GMT
Date: Wed, 11 Oct 2017 07:11:33 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   212
Md5:    00f3d723193cf265644d7435222efbf6
Sha1:   7eb59ba35851938811fad10ca4c135d6001103a2
Sha256: f8b720a35e804790b3436f6611432007dde2da6bee95b94b1306b74642382267
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         173.194.221.102
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 11 Oct 2017 07:11:33 GMT
Expires: Sun, 15 Oct 2017 07:11:33 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d3237f379521caefa745554f121d9ecd
Sha1:   e1ccc57a8d161e6b27c3bf6b3251aed6dabbdb88
Sha256: da86b9c13d43f937f168b12d034b13b0d8930b9e86c3aaade8254fceea0cadab
                                        
                                            GET /24211643151/jquery.easing.js HTTP/1.1 
Host: yourjavascript.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         80.241.212.33
HTTP/1.1 200 OK
Content-Type: text/javascript; charset: UTF-8
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public


--- Additional Info ---
Magic:  UTF-8 Unicode C program text, with CRLF line terminators
Size:   8301
Md5:    a6f75e0c043a2a087837e5c113cc6f7a
Sha1:   c6f74009a95b2d6f9c7b39ec121a4ca53a490a04
Sha256: e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248
                                        
                                            GET /jquery-1.8.3.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         94.31.29.54
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 11 Oct 2017 07:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Vary: Accept-Encoding
Etag: W/"54499a47-40f49"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   96625
Md5:    fc345cc666e4723a9d03b2621b12dfb1
Sha1:   a4b0d132bef1430dde86dbf1059670e3074a4439
Sha256: d80cae0232bd6ffe42be7f1559c0f25294b1d3905d1ee4268373ddc79175e320
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=494827, public, no-transform, must-revalidate
Last-Modified: Tue, 10 Oct 2017 00:34:08 GMT
Expires: Tue, 17 Oct 2017 00:34:08 GMT
Date: Wed, 11 Oct 2017 07:11:33 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    fccd40351d25d6f5eecda73fdef9b3d8
Sha1:   0d2d2f37814bb53b7dca796acc9ee278ef6297ba
Sha256: 23e276d6aa20791de9110019cb7992bae490040d4cc3a06678449d1b3f2063e4
                                        
                                            GET /static/v1/widgets/1917767771-widget_css_bundle.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         173.194.221.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8450
Date: Thu, 05 Oct 2017 19:33:02 GMT
Expires: Fri, 05 Oct 2018 19:33:02 GMT
Last-Modified: Tue, 03 Oct 2017 18:46:47 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 473911
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   8450
Md5:    a5f71e88ca9b26a749243568aa6cf14d
Sha1:   0ea88166a0447850ae1630b8a3720bf7e63245b7
Sha256: 9869cc111f0cf849928f9573b7d581c0b71cb1e7436bf8d02469aa83b120a748
                                        
                                            GET /jquery-2.1.1.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         94.31.29.54
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 11 Oct 2017 07:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Vary: Accept-Encoding
Etag: W/"54499a47-3c637"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   89265
Md5:    8eda8f2e67f0b05454b9737205d2f334
Sha1:   abc4f5d34a8923bedc92cb6d455165b683636913
Sha256: d86a75d4eae0cf75d997facaa2278440804f14e9f4313f2b99ea4e6415bc0592
                                        
                                            GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         216.58.211.129
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "va2f"
Expires: Wed, 11 Oct 2017 23:14:52 GMT
Content-Disposition: inline;filename="home.gif"
Vary: Origin
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 11 Oct 2017 06:12:45 GMT
Server: fife
Content-Length: 1157
X-XSS-Protection: 1; mode=block
Age: 3528
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  GIF image data, version 89a, 21 x 21
Size:   1157
Md5:    4c4d5a137d02ca4414dfe2e76084c7a0
Sha1:   f5b0e9627a211af31faeb95b74f85471c07cc8e5
Sha256: ff33e9e45ece6b5b9099f38e8e0a246865d21330f4f6300f2f9dc6498c7441d6
                                        
                                            GET /218437119/halamanav.js HTTP/1.1 
Host: yourjavascript.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         80.241.212.33
HTTP/1.1 200 OK
Content-Type: text/javascript; charset: UTF-8
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public


--- Additional Info ---
Magic:  ASCII C program text, with very long lines, with CRLF line terminators
Size:   5361
Md5:    0b26ad0b1f8e8c99dd6377b77a6606e2
Sha1:   9423d1bb932af7237412b2d39e02a1e55eb23fcf
Sha256: c5c2a9a025bfb657e029f79941deca6f66878ecb129672f20cc774590cb84d81
                                        
                                            GET /-Es4rPAZpSEA/VO-9j025emI/AAAAAAAAAA8/v0-_VsrrI3I/s930/sun%2Blogo.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         216.58.211.129
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v10"
Expires: Wed, 11 Oct 2017 18:22:55 GMT
Content-Disposition: inline;filename="sun logo.png"
Vary: Origin
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 11 Oct 2017 07:11:33 GMT
Server: fife
Content-Length: 4937
X-XSS-Protection: 1; mode=block
Age: 0
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 50 x 50, 8-bit/color RGBA, non-interlaced
Size:   4937
Md5:    ec96de9adb433356cd5275b700162ca8
Sha1:   129635c9d3a7c80cc6a31fa529720bae1a19ed55
Sha256: c2f14ee0930eb95756034a91fa5e7e27eb22f2201d9de9f0a420a0b967df6a39
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         173.194.221.102
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 11 Oct 2017 07:11:33 GMT
Expires: Sun, 15 Oct 2017 07:11:33 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    b7ef155a3429add3fb47f0dfb7fc0597
Sha1:   b05514d9c4d1f7582804627147ede31125d28870
Sha256: c400c54b3da70f6020b5cef260bf8b2261989adb89c270f821bd8a2c23895bbb
                                        
                                            GET /img/icon18_wrench_allbkg.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         173.194.221.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 475
Date: Thu, 05 Oct 2017 19:45:02 GMT
Expires: Thu, 12 Oct 2017 19:45:02 GMT
Last-Modified: Thu, 05 Oct 2017 17:59:19 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=604800
Age: 473192
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  PNG image, 18 x 18, 8-bit colormap, non-interlaced
Size:   475
Md5:    f617effe6d96c15acfea8b2e8aae551f
Sha1:   6d676af11ad2e84b620cce4d5992b657cb2d8ab6
Sha256: d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
                                        
                                            GET /search/label/Once HTTP/1.1 
Host: 1001-life-insurances.blogspot.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once
If-Modified-Since: Sun, 23 Jul 2017 09:58:35 GMT
If-None-Match: W/"aeef99a8903767175deb12c02f9fbe0787f9fa31aaba8834a5ca1d464063413d"

                                         
                                         173.194.221.132
HTTP/1.1 304 Not Modified
                                        
Expires: Wed, 11 Oct 2017 07:11:33 GMT
Date: Wed, 11 Oct 2017 07:11:33 GMT
Cache-Control: private, max-age=0
Etag: W/"aeef99a8903767175deb12c02f9fbe0787f9fa31aaba8834a5ca1d464063413d"
Server: GSE


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         74.125.205.95
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 32245
Date: Thu, 14 Sep 2017 06:32:32 GMT
Expires: Fri, 14 Sep 2018 06:32:32 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 2335142
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   32245
Md5:    68ab59808bd9d610989e90a6a72de1c9
Sha1:   37e30026185877bbe73d9794a9b30083ae0709fe
Sha256: e730036ff9a2dea35ee12350105dca51535e909c854f51fe0e131a8292f73f6b
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=6428404289940887029&zx=4b9aa89a-da4f-4d97-a422-4cfa395f1c98 HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         173.194.221.191
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Cache-Control: private, max-age=1800
Pragma: no-cache
Expires: Wed, 11 Oct 2017 07:11:34 GMT
Date: Wed, 11 Oct 2017 07:11:34 GMT
Last-Modified: Wed, 11 Oct 2017 07:11:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   21
Md5:    b9afc501fc43fbea335a2dc5d43263a1
Sha1:   7290a2dd6afbf39ecfc35b52dfb32a38fc222994
Sha256: d6e425ca7840c0ab6f26f5fc2822a47e26b4a8bbd104468a9c185bc132b8662f
                                        
                                            GET /-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         216.58.211.129
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v850"
Expires: Thu, 12 Oct 2017 07:11:33 GMT
Content-Disposition: inline;filename="menuh.png"
Vary: Origin
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 11 Oct 2017 07:11:33 GMT
Server: fife
Content-Length: 196
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400, no-transform
Age: 1


--- Additional Info ---
Magic:  PNG image, 5 x 60, 8-bit/color RGBA, non-interlaced
Size:   196
Md5:    af8a1d93aa40aadbf1f260df21bc2f80
Sha1:   7b1f56fffb743cf880bcd946851a873fe44855e8
Sha256: 55fb946d0c7e56072bb1855932f6df8583a5c4fa4e78a2ec49f3a352dd4d25c5
                                        
                                            GET /-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         216.58.211.129
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v7d7"
Expires: Wed, 11 Oct 2017 20:02:12 GMT
Content-Disposition: inline;filename="outerpic.png"
Vary: Origin
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 11 Oct 2017 06:26:54 GMT
Server: fife
Content-Length: 573
X-XSS-Protection: 1; mode=block
Age: 2680
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 3 x 360, 8-bit/color RGBA, non-interlaced
Size:   573
Md5:    9d6d0849e0f88f04ba6044729a7bf332
Sha1:   91194bb1f839c4ab78e48367084ffb6ca7da5a28
Sha256: 20559eee8ae65c5a706e7c348960d7fad2a08b02e75f4861f6c66b4bf2c452cc
                                        
                                            GET /-K4hNJ9YcB7I/URKRQe-RbaI/AAAAAAAAB_c/bGaB_wyqaoA/s1600/dotted.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         216.58.211.129
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v7f7"
Expires: Wed, 11 Oct 2017 22:30:27 GMT
Content-Disposition: inline;filename="dotted.png"
Vary: Origin
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 11 Oct 2017 06:15:05 GMT
Server: fife
Content-Length: 155
X-XSS-Protection: 1; mode=block
Age: 3389
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 3 x 3, 8-bit/color RGBA, non-interlaced
Size:   155
Md5:    068bd1f856006d35692c1bdfae79b6a6
Sha1:   b5904975c385f3623cc9d5cf90b555b8e5e9ce7c
Sha256: 68545da4030bd7eac3700eb6c90475da521a97655bae6c755960a66a1b1649cc
                                        
                                            GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         216.58.211.129
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "va1c"
Expires: Wed, 11 Oct 2017 17:01:32 GMT
Content-Disposition: inline;filename="body.gif"
Vary: Origin
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 11 Oct 2017 06:16:03 GMT
Server: fife
Content-Length: 23343
X-XSS-Protection: 1; mode=block
Age: 3331
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200
Size:   23343
Md5:    6f52f16e0c8869759029f92150fac68f
Sha1:   d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2
Sha256: 0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2
                                        
                                            GET /s/oswald/v14/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Oswald
Origin: http://1001-life-insurances.blogspot.no

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19256
Date: Mon, 04 Sep 2017 14:48:27 GMT
Expires: Tue, 04 Sep 2018 14:48:27 GMT
Last-Modified: Wed, 02 Aug 2017 22:45:08 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 3169387


--- Additional Info ---
Magic:  data
Size:   19256
Md5:    c7b96bb40a63c91659cd45c6e7640a4e
Sha1:   3081c20b7905c25d37b70d0a4d2fa953c6bd4844
Sha256: 1018f6c6e463db9125b987b08593399c5bc4f4b9c49aa6217a15d20dc09f2b1f
                                        
                                            GET /s/ptsansnarrow/v7/UyYrYy3ltEffJV9QueSi4RdbPw3QSf9R-kE0EsQUn2A.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=PT+Sans+Narrow
Origin: http://1001-life-insurances.blogspot.no

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 44404
Date: Mon, 04 Sep 2017 10:50:46 GMT
Expires: Tue, 04 Sep 2018 10:50:46 GMT
Last-Modified: Wed, 27 Aug 2014 23:49:31 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 3183648


--- Additional Info ---
Magic:  data
Size:   44404
Md5:    9b1d9a502946fed5ebfa817b53d4eb74
Sha1:   530b23c453a2b246a327de3c5bcf22a1088bd071
Sha256: a1417f819c2764846fba6bf6a2bbac4b4486c8996f64a6dd08a277f59b554401
                                        
                                            GET /embed/821054/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         78.140.183.138
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.10.2
Date: Wed, 11 Oct 2017 07:11:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: lang=en; expires=Thu, 12-Oct-2017 07:11:35 GMT; Max-Age=86400; path=/; domain=.drtuber.com search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D; expires=Wed, 11-Oct-2017 19:11:35 GMT; Max-Age=43200; path=/; domain=.drtuber.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2150
Md5:    5baf23e8fb1cabb74f415125bbd98abc
Sha1:   babcc880b7b6dc6bb85bc3d509528140b7b0e904
Sha256: f9659e66e222d1fe9915971c81a190516b75f1bb9044c05eb006d3739156fcf0
                                        
                                            GET /feeds/posts/summary/-/http://1001-life-insurances.blogspot.no/search/label/?alt=json-in-script&callback=hitungtotaldata&max-results=1 HTTP/1.1 
Host: 1001-life-insurances.blogspot.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         173.194.221.132
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 11 Oct 2017 07:11:35 GMT
Server: Blogger Render Server 1.0
Content-Length: 193
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text
Size:   193
Md5:    83b482393f028e6de91b032e7fae746b
Sha1:   50bad14cd7b4602d7b9f1ef6d769288588594fc8
Sha256: 031cbc91f964c96aa1975380c3bd66f5fe254439f3281bf0e06bc385c3912aa2
                                        
                                            GET /-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         216.58.211.129
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v59d"
Expires: Wed, 11 Oct 2017 20:02:13 GMT
Content-Disposition: inline;filename="footerli.png"
Vary: Origin
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 11 Oct 2017 06:28:46 GMT
Server: fife
Content-Length: 3569
X-XSS-Protection: 1; mode=block
Age: 2569
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 4 x 7, 8-bit/color RGBA, interlaced
Size:   3569
Md5:    280d0cd69675c12bf752cceabb1502f7
Sha1:   931dd6d7487c744e2daaa36b565e14775775e4ea
Sha256: a71cc9c7f45d47492b0bf18a95262af257a63a5e5b16bc28dd55e78d686714af
                                        
                                            GET /templates/drtuber/css/embed.css?v=21.66 HTTP/1.1 
Host: p1.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 05 Dec 2016 14:53:36 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRPQJJojIIxlPBJ4TIV8RKxXnHKPlRhxE9NN2w==
Expires: Wed, 11 Oct 2017 15:49:59 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   4457
Md5:    ed0382c421166c85e8acf34ee3a0d7e2
Sha1:   18afb413e0563bf14067d5f27fad8a9048ab2e8f
Sha256: 56c4d4bb0940147b7028fc05999761c8dc995b7d803f8846d0f3205653903da0
                                        
                                            GET /templates/base_master/js/swfobject.js?v=21.66 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 06 Nov 2014 11:37:37 GMT
Expires: Wed, 11 Oct 2017 13:32:05 GMT
Cache-Control: max-age=777777
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksR/TPc8mI5LNvl2JqsQuCA==
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2481
Md5:    4fa1c609d3c5b568a40f0cce9ebf6563
Sha1:   5bbcb1dd35e84db379f5ce2ada00dd255072ca52
Sha256: ae5dba59bac5dbe46f5cf41b95a90c84ebd593f38e01e14091e73eafd55b86d3
                                        
                                            GET /templates/base_master/js/jquery.cookie.js?v=21.66 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 06 Nov 2014 11:37:37 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRbRLJojIL786F2C+AqzsyHL7XTPYMLM8CCTUA==
Expires: Sat, 14 Oct 2017 10:49:44 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   721
Md5:    0a22e00f8de0f58e90d2d8ea21998593
Sha1:   5bd1b8a7757a0b25e230fbc918c9dd5cad50b241
Sha256: 32791a3254f53b00bfc24322d5ded4e8dc22426daa16afce99b74c8a7f0dd6a9
                                        
                                            GET /templates/drtuber/js/jquery.adx.embed.js?v=21.66 HTTP/1.1 
Host: p1.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 01 Jul 2016 13:48:25 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRPQJJojIIxlPBJ4TIV8RKxXnHKPlRhxE9NM0w==
Expires: Wed, 11 Oct 2017 15:50:00 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4497
Md5:    b87e58594206e40e9a7984d7a813a865
Sha1:   089d61f0e460922e5ce512eba090029c8dbd6c32
Sha256: 8d8723fe610a24f65c1fae4ebfd2a94200c29792886e1a6f715da47ffb70e066
                                        
                                            GET /templates/drtuber/html5_video/theme.css?v=21.66 HTTP/1.1 
Host: p1.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 05 Dec 2016 15:16:03 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRPQJJojIIxlPBJ4TIV8RKxXnHKPlRhxE9NM0w==
Expires: Wed, 11 Oct 2017 15:50:00 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1273
Md5:    47a9a86f7be4ca5f79c8b0477ff6c38d
Sha1:   df5d0d00dedcaa389fc5b51bd676fcf3e8c715db
Sha256: 06ecf03ec5f76d4e6bd1a309d699f1e6066dac863d7c8f638deb704cb73defc4
                                        
                                            GET /templates/base_master/js/html5_video/switch.js?v=21.66 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Content-Length: 495
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 04 Oct 2017 16:35:42 GMT
Etag: "59d50dde-1ef"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksR/TPc8mI5LNvl2Jqp05ty4gLXTJg7QKAjLJ
Expires: Fri, 13 Oct 2017 16:39:24 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   495
Md5:    73704ca08d56484366ce8aeb92de9a61
Sha1:   5c4880a2159b6c3afb222ec8cb8507724de19dcc
Sha256: f3033b242fb79a5361b2438930aad894f9e371b8e097bd91ce4e408c5f0097bd
                                        
                                            GET /templates/base_master/libs/jquery/jquery-1.10.0.min.js?v=21.66 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 27 Aug 2014 14:24:56 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksR/TPc8mI5LNvl2Jqp05ty4gLXTJg7QKAjLJ
Expires: Wed, 11 Oct 2017 15:51:58 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   38101
Md5:    8b39c49d26aebffb5a023be64d07073c
Sha1:   c83f46bdf04c907b1cb4c7efdd37030014749fd6
Sha256: f42ab01c810ffe56c5b668f90bb0955e4ec3299f9d584e207c7279caa5b31b3c
                                        
                                            GET / HTTP/1.1 
Host: www.cebr.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         52.0.7.30
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 11 Oct 2017 7:11:37 GMT
Connection: Keep-Alive
Content-Length: 288
Content-Encoding: gzip
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   288
Md5:    4d738f8cfc09215f22dc1a9a98ccfd12
Sha1:   f29a0ec3091c1c66194f43370c352290fa63b6aa
Sha256: c956877f4073066621432b9d215834540d429681003f610627b61e50d3fc98d0
                                        
                                            GET /templates/base_master/js/html5_video/ui-assets.js?v=21.66 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 24 Oct 2016 16:11:41 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksR/TPc8mI5LNvl2Jqp05ty4gLXTJg7QKAjLJ
Expires: Wed, 11 Oct 2017 15:51:44 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15070
Md5:    056ef0a1440336d618f559edc31e4d51
Sha1:   9ae2e3610c160d89623660efdee1e37e59055f21
Sha256: 8c78f01d2ba764dd4c1549020ccaef166e6a7c3f04e5ead2ac04ac54288a60a4
                                        
                                            GET /templates/base_master/js/html5_video/styles.css?v=21.66 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 10 Oct 2017 16:35:08 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRbRLJojIL786F2C+AqzsyHL7XTPYMLM8CCSWA==
Expires: Thu, 19 Oct 2017 16:38:41 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6195
Md5:    e4f394c6f634d274475a3f03358c46fb
Sha1:   86b18033f70530e05cc9079acd901418e5d2e1ce
Sha256: 163b670b698063500e4cf5589724217074ba786a06853db3c1f2d6aa78eba9aa
                                        
                                            GET /templates/base_master/js/html5_video/player.js?v=21.66 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 10 Oct 2017 16:35:08 GMT
Expires: Thu, 19 Oct 2017 16:38:41 GMT
Cache-Control: max-age=777777
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksR/TPc8mI5LNvl2JqsQuCA==
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12607
Md5:    e6127c283258bab50f35895815d88c8f
Sha1:   d706732523ec0e4ffa8ce0f0fb4203d766cd8172
Sha256: 203093967855c66ef1ef09aa73dd912af2681e0c90d93e75e2410cbcbf4240ef
                                        
                                            GET /2zv6 HTTP/1.1 
Host: cnhv.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cebr.info/

                                         
                                         94.130.129.235
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:37 GMT
Content-Length: 178
Connection: keep-alive
Location: https://cnhv.co/2zv6


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET / HTTP/1.1 
Host: www.cebr.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1001-life-insurances.blogspot.no/search/label/Once

                                         
                                         52.0.7.30
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 11 Oct 2017 7:11:37 GMT
Connection: Keep-Alive
Content-Length: 288
Content-Encoding: gzip
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   288
Md5:    4d738f8cfc09215f22dc1a9a98ccfd12
Sha1:   f29a0ec3091c1c66194f43370c352290fa63b6aa
Sha256: c956877f4073066621432b9d215834540d429681003f610627b61e50d3fc98d0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 11 Oct 2017 07:11:38 GMT
Server: Apache
Last-Modified: Mon, 09 Oct 2017 09:41:10 GMT
Expires: Mon, 16 Oct 2017 09:41:10 GMT
Etag: 29B4730753F859D4273C8F76B81537D4CD64D5C7
Cache-Control: max-age=440371,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp35
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    fe4e8f480ba895ee7ddd05a008af02e3
Sha1:   29b4730753f859d4273c8f76b81537d4cd64d5c7
Sha256: 71a1d75f40a81848fc6703fa18368924c102159942545aafe215e17a2b91d566
                                        
                                            GET /player/videoplayer.swf?v=21.66 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.drtuber.com/embed/821054/240_180
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.183.138
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
                                        
Server: nginx/1.10.2
Date: Wed, 11 Oct 2017 07:11:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2017 11:07:08 GMT
Etag: W/"588f1e5c-1e25b"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   123316
Md5:    70ebd041742f550cd3e6f7d87fd540c5
Sha1:   6fc593202c7f1d91aca202d3b2b959a4ad15ae78
Sha256: 8a7b667097f02f63ff46470adc2a039156390f888cbce4afc222d19c9c5059e4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 11 Oct 2017 07:11:39 GMT
Server: Apache
Last-Modified: Sat, 07 Oct 2017 21:42:49 GMT
Expires: Sat, 14 Oct 2017 21:42:49 GMT
Etag: D84514A5D7F89CF6AB4CB6DE0C01C83045571124
Cache-Control: max-age=310869,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp30
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    2be8f2c718d7adb47139bbc961aaebf4
Sha1:   d84514a5d7f89cf6ab4cb6de0c01c83045571124
Sha256: 3bc7ccb8df35bd35b7f51ee48001eb13b079445ffafa8d028e8d4766203dd02b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 11 Oct 2017 07:11:39 GMT
Server: Apache
Last-Modified: Sat, 07 Oct 2017 21:42:49 GMT
Expires: Sat, 14 Oct 2017 21:42:49 GMT
Etag: 20FDFAA64AFB2B353C22AE4E6568A04BE372009A
Cache-Control: max-age=310869,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp35
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    21f07293c67b9b8bed5c886028c5c67e
Sha1:   20fdfaa64afb2b353c22ae4e6568a04be372009a
Sha256: f695ff0d262947c608ae89503a3c64b683e9c24b6f56fe98fece2083d6c27775
                                        
                                            GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 
Host: fpdownload2.macromedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.159.219.11
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Server: Apache
Last-Modified: Tue, 10 Oct 2017 09:00:43 GMT
Etag: "60c-55b2d8aca2f07"
Accept-Ranges: bytes
Content-Length: 1548
Date: Wed, 11 Oct 2017 07:11:40 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  XML document text\012 XML document text
Size:   1548
Md5:    e7664061d466c21a4f6b843a5a803007
Sha1:   3cbe9ab67ec553511440bc401627930461d1d2cd
Sha256: cf8c939324f5a50cc7fbf9739d230bc3b99dd80db106b005bef3be53aeb8b28a
                                        
                                            GET /2zv6 HTTP/1.1 
Host: cnhv.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cebr.info/

                                         
                                         94.130.129.235
HTTP/1.1 200 OK
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1108
Md5:    b3baa58ee8e668cd4f3e1f9025a30585
Sha1:   4d363334b444e38304cfa4f84b53523193e36bdc
Sha256: a624c960d713020e8318303f625d5505a8316e81cc457670a46dc7e607c7b158
                                        
                                            GET /player_config/?h=c934da3ec03fa13615f02a9cd9aa7852&embed=1&check_speed=1&t=1507705895&ref=http%3A%2F%2F1001-life-insurances.blogspot.no%2Fsearch%2Flabel%2FOnce&vkey=3542c45ca142ccdb8eb2&pkey=dbd01995aedaf3807cefc3d17c16ce4b&aid=&domain_id= HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: lang=en; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.183.138
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
                                        
Server: nginx/1.10.2
Date: Wed, 11 Oct 2017 07:11:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: lang=en; expires=Thu, 12-Oct-2017 07:11:40 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4491
Md5:    d21c91b2c73969e67cde87594a7babbe
Sha1:   587f889bcac21efc61cf5c0178c7cbf1ff3e8e90
Sha256: 836b4329f98e28b0c59b2d985782639d2eb86ee0b7bade81979a2821fa8f1803
                                        
                                            GET /media/shortlink.css HTTP/1.1 
Host: cnhv.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cnhv.co/2zv6

                                         
                                         94.130.129.235
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:40 GMT
Content-Length: 961
Last-Modified: Tue, 26 Sep 2017 07:48:00 GMT
Connection: keep-alive
Etag: "59ca0630-3c1"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   961
Md5:    2cb84b46522579a06d2cc3b2d29ca39c
Sha1:   7d4ca936c8f476311d43e34e17e6c4311e1523bf
Sha256: 5106a9c761b8783ca6e395c2bb4189a2fdfd129b2ba8c509d5017541f3ad74f2
                                        
                                            GET /2zv6 HTTP/1.1 
Host: cnhv.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cebr.info/

                                         
                                         94.130.129.235
HTTP/1.1 200 OK
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1108
Md5:    b3baa58ee8e668cd4f3e1f9025a30585
Sha1:   4d363334b444e38304cfa4f84b53523193e36bdc
Sha256: a624c960d713020e8318303f625d5505a8316e81cc457670a46dc7e607c7b158
                                        
                                            GET /media/coinhive-icon.png HTTP/1.1 
Host: cnhv.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cnhv.co/2zv6

                                         
                                         94.130.129.235
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:40 GMT
Content-Length: 8501
Last-Modified: Wed, 20 Sep 2017 10:15:30 GMT
Connection: keep-alive
Etag: "59c23fc2-2135"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 512 x 512, 8-bit/color RGBA, non-interlaced
Size:   8501
Md5:    13fac981d912ae929117759ef9f2ee56
Sha1:   e46eb6d6aeed95945d4e7ab7148b3c9a253ef604
Sha256: 9ba77246c8ea90838d94d004a5b4330eb72002f515cc1e2a49ac085907a57429
                                        
                                            GET /crossdomain.xml HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:40 GMT
Content-Length: 211
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 09 Dec 2013 15:12:48 GMT
Etag: "52a5ddf0-d3"
Expires: Sat, 14 Oct 2017 10:49:44 GMT
Cache-Control: max-age=777777
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpVwdTHU3svMiEoRvY2bxA==
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  XML document text
Size:   211
Md5:    1f900d0f762fc8b437076655577d6d8c
Sha1:   d12d756ad7b12f944d3a6d6aac4b6834022b16e0
Sha256: e939190aee3e77930a5c574de1d1419922d5545cacff0210e4cc54c74cc3816c
                                        
                                            GET /templates/drtuber/player/logo_normal.svg HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 22 Jun 2016 13:11:40 GMT
Expires: Wed, 11 Oct 2017 15:50:03 GMT
Cache-Control: max-age=777777
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpVwdTHU3svMiEoRvY2bxA==
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1146
Md5:    7ab0ba27e6e7076b4fd1d93e8ba75d0e
Sha1:   de76f744a709965222a6c266d0130a2b08005676
Sha256: 6f8ddc4a94a75a49aa006c4b83340264da5053c7c07da0574c1b2b9994c3ab56
                                        
                                            GET /templates/drtuber/player/logo_hover.svg HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 22 Jun 2016 13:11:40 GMT
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGplzbGTR3eG3v9Ra8Jqpgi3vf2bjWb2BZCa/TA==
Expires: Thu, 12 Oct 2017 00:00:41 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1485
Md5:    82c6de39af179f1a868f09301fc24717
Sha1:   ee7239e799da30fbc3b99bda6ccc710a9afc75ec
Sha256: ea476b91066155007f0b4a2b81f444bf858cafe12a9eb837a7a289e77eee9b89
                                        
                                            GET /templates/drtuber/images/bookmark/face.png HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:40 GMT
Content-Length: 3045
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 19 Sep 2014 08:05:07 GMT
Etag: "541be3b3-be5"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpVwdTHU3svMiEoRvdSM7F5UC+pXF6dvmFTU
Expires: Wed, 11 Oct 2017 13:43:58 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 44 x 44, 8-bit/color RGBA, non-interlaced
Size:   3045
Md5:    0b215319f1911258129959a732565b66
Sha1:   045f7cadc691ec6ab204447a7d646f22732b8a71
Sha256: e13b54b95dce8f58a545011b74c323bc9a53debe828a98a0eeecd63db31fea26
                                        
                                            GET /templates/drtuber/images/bookmark/tw.png HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:40 GMT
Content-Length: 2595
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 19 Sep 2014 08:05:07 GMT
Etag: "541be3b3-a23"
Expires: Wed, 11 Oct 2017 15:50:03 GMT
Cache-Control: max-age=777777
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGplzbGTR3eG3v9Ra8Jrw9Ng=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 44 x 44, 8-bit/color RGBA, non-interlaced
Size:   2595
Md5:    1c04728ba2290b51c564898abdaa43c8
Sha1:   856eb8de0617be8617170cb4528d576cf1a12876
Sha256: c9d92b924551b1ab1b1e30cb66bc8b1fec499d3d28db2cfa1ed9f4bad641b602
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 11 Oct 2017 07:11:40 GMT
Server: Apache
Last-Modified: Tue, 10 Oct 2017 19:05:30 GMT
Expires: Tue, 17 Oct 2017 19:05:30 GMT
Etag: 22CF3E09B330CC08E46EACB09D9F431009E68AA5
Cache-Control: max-age=560629,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp35
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    27596f2d321a6d695bb7c397fee419a9
Sha1:   22cf3e09b330cc08e46eacb09d9f431009e68aa5
Sha256: 79ecd8020211bc0d2b0e3901da1be4ca91bc5b79c0740627ffc71909bd1fa83b
                                        
                                            GET /media/videos/tmb/821054/preview/16.jpg HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: ucdn
Date: Wed, 11 Oct 2017 07:11:40 GMT
Content-Length: 33121
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 06 May 2013 01:58:21 GMT
Etag: "51870e3d-8161"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoULmpf99HehRlSqPZEelzAwftR1NcIjWlD2r3bQ8yZh2v0LfB3E+O2n4KgmoLBL6tf7b2Y7rzVpxfByQzN54HQ+a533hmA==
Expires: Fri, 20 Oct 2017 07:14:37 GMT
Cache-Control: max-age=777777
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "Lavc52.123.0\377"
Size:   33121
Md5:    2d02c437a78353bf22490ab2d9098cfa
Sha1:   8bea6bbb61fcc136420431404c05550e51e10988
Sha256: b1143eac3f50673acd8d921753b8810a1665119716001491e9caa4861b6d3575
                                        
                                            GET /lib/coinhive.min.js HTTP/1.1 
Host: coinhive.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cnhv.co/2zv6

                                         
                                         94.130.129.243
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 11 Oct 2017 07:11:40 GMT
Last-Modified: Mon, 02 Oct 2017 14:16:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"59d24a38-21e45"
Expires: Wed, 11 Oct 2017 15:11:40 GMT
Cache-Control: max-age=28800
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   43383
Md5:    fe144c72a53ead8a0b0960680f396821
Sha1:   dd8415779b4f07aff98c3c3cf9d8d9e5a2dbc0ae
Sha256: c5c84e973e49b5919fd11bcab34ae5a7cbc68acc717f9ddb6f1f122f35d72269

Alerts:
  urlquery:
    - Crypto currency mining script
  Blacklists:
    - fortinet: Malware