Overview

URL rustam.party
IP 52.59.60.69
ASN
Location United States
Report completed 2018-11-09 14:58:10 CET
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-11-09 2 basepush.com/ntfc.php?p=1685525 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 8 reports on IP: 52.59.60.69

Date UQ / IDS / BL URL IP
2018-11-14 09:19:47 +0100 0 - 1 - 0 https://www.traking.faith/go/26721f11-2795-46 (...) 52.59.60.69
2018-11-14 08:58:14 +0100 0 - 1 - 0 https://www.traking.faith/go/3ebc2eda-9fc4-47 (...) 52.59.60.69
2018-11-14 07:04:29 +0100 0 - 1 - 0 https://www.traking.faith/go/7055d78f-f05c-42 (...) 52.59.60.69
2018-11-10 00:03:22 +0100 0 - 4 - 0 https://click.abctrack.bid/go/795e1080-39b7-4 (...) 52.59.60.69
2018-11-09 23:37:46 +0100 0 - 4 - 0 https://click.abctrack.bid/go/795e1080-39b7-4 (...) 52.59.60.69
2018-11-09 15:54:46 +0100 0 - 0 - 2 https://wxtpu.bemobtrk.com/go/91b66d8c-9980-4 (...) 52.59.60.69
2018-11-09 15:54:18 +0100 0 - 0 - 2 https://wxtpu.bemobtrk.com/go/5bc96de6-193e-4 (...) 52.59.60.69
2018-11-08 00:28:43 +0100 0 - 0 - 1 https://www.traking.faith/go/7b799baf-2556-4c (...) 52.59.60.69

Last 10 reports on ASN:

Date UQ / IDS / BL URL IP
2018-11-14 23:56:16 +0100 0 - 3 - 0 staffingconnect.tk/mondaymoney/all1/others?ra (...) 13.233.22.47
2018-11-14 23:54:47 +0100 0 - 3 - 0 staffingconnect.tk/mondaymoney/all1/others/cm (...) 13.233.22.47
2018-11-14 23:52:30 +0100 0 - 0 - 1 esoutenirb.tk 145.239.22.80
2018-11-14 23:52:20 +0100 0 - 0 - 1 https://canaloiu.desi/auth/?email=mpomianek@w (...) 210.16.102.101
2018-11-14 23:49:46 +0100 0 - 0 - 1 sentirrelat.tk/ 145.239.22.80
2018-11-14 23:48:55 +0100 2 - 2 - 1 www.armasteamcsfr.be 51.38.235.105
2018-11-14 23:48:33 +0100 0 - 1 - 0 hidlltu.stream/ 198.54.117.200
2018-11-14 23:46:49 +0100 0 - 0 - 1 epointsmarketing.com/._@_@@@@/.@@@/cmd-login= (...) 108.167.172.159
2018-11-14 23:45:39 +0100 0 - 2 - 0 ketovibes.net/ 34.235.78.102
2018-11-14 23:45:23 +0100 0 - 3 - 2 hotmedicalmarket.su/ 185.225.16.244

No other reports on domain: rustam.party



JavaScript

Executed Scripts (5)


Executed Evals (2)

#1 JavaScript::Eval (size: 5318, repeated: 1) - SHA256: a6a76a343c867c0e8b0ef6339c7fec48580bc2c1e6c0ce80cd805151f90ad6f4

function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
    try {
        document.getElementById('ci_HIL').value = d.HIL
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (0)



HTTP Transactions (23)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: rustam.party
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         35.156.135.59
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:34 GMT
Content-Length: 174
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: http://a07y2.bemobtrk.com/go/627f6696-3a36-4359-9b06-b54a69438d2e
Vary: Accept
X-Response-Time: 1.153ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   174
Md5:    b92b0844bbfcdd6cc9de92c89dc2b908
Sha1:   b4989fd42bbbee4fa1b23dfc22197f92d17eb25b
Sha256: ec2c55e4838760c2c323acc74d41d26e7700542782a4148c152edf21b6632e33
                                        
                                            GET /go/627f6696-3a36-4359-9b06-b54a69438d2e HTTP/1.1 
Host: a07y2.bemobtrk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         35.156.135.59
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:34 GMT
Content-Length: 256
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: bemob-uniq-visit:627f6696-3a36-4359-9b06-b54a69438d2e=1; Domain=a07y2.bemobtrk.com; Path=/; Expires=Sat, 10 Nov 2018 13:57:34 GMT; HttpOnly bemob-click-id=DuUirv6ZW2bREPfiaqE3m3; Domain=a07y2.bemobtrk.com; Path=/; Expires=Sat, 10 Nov 2018 13:57:34 GMT; HttpOnly
Location: https://a07y2.bemobtrk.com/go/75f38136-b41c-4c0e-b9aa-627a90e104da?cid=DuUirv6ZW2bREPfiaqE3m3&custom1=
Vary: Accept
X-Response-Time: 6.025ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   256
Md5:    868f8372075f9526b251355dfeda5e02
Sha1:   74ce6d6124911a33a51ce3eb9a06bf1aecc4fc1b
Sha256: f158c2a2f9b9aa81f171cbb9582965995bbafb9441b5e08e679d74467d8a49a4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         80.239.159.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 06 Nov 2018 01:23:29 GMT
Etag: 9AC8498B4240052B042AA97D05930B26B9B673BE
X-OCSP-Responder-ID: rmdccaocsp26
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=299789
Expires: Tue, 13 Nov 2018 01:14:03 GMT
Date: Fri, 09 Nov 2018 13:57:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    cc9f73ab5439761aec4790feeee7a03f
Sha1:   9ac8498b4240052b042aa97d05930b26b9b673be
Sha256: c93f5f9d8c9c9ab79dff5f7864d0461430580f88da9cc182c677679c675470e3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.159.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 05 Nov 2018 09:27:34 GMT
Etag: DDF3290C7B7E2A2C4325D99E8AE5AFB7DF4F76D6
X-OCSP-Responder-ID: rmdccaocsp23
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=242356
Expires: Mon, 12 Nov 2018 09:16:50 GMT
Date: Fri, 09 Nov 2018 13:57:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    77c748838b09ae9cfd392334f9e1f009
Sha1:   ddf3290c7b7e2a2c4325d99e8ae5afb7df4f76d6
Sha256: 456d7b7b2412ac6704faf92634bd6bf91cb4ef84f4f4c5b206d9617732818350
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.159.56
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 05 Nov 2018 09:27:34 GMT
Etag: E996CA4E8F395CBDD143B7F450F12B5C2577A315
X-OCSP-Responder-ID: rmdccaocsp18
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=242366
Expires: Mon, 12 Nov 2018 09:17:00 GMT
Date: Fri, 09 Nov 2018 13:57:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d5ad0cdca1daf4ee01f26fac9656846a
Sha1:   e996ca4e8f395cbdd143b7f450f12b5c2577a315
Sha256: 122ba43fb270c723f54d40877fa7bde5bbe7ae02fccda8f0295f7984bd457a21
                                        
                                            GET /go/75f38136-b41c-4c0e-b9aa-627a90e104da?cid=DuUirv6ZW2bREPfiaqE3m3&custom1= HTTP/1.1 
Host: a07y2.bemobtrk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: bemob-uniq-visit:627f6696-3a36-4359-9b06-b54a69438d2e=1; bemob-click-id=DuUirv6ZW2bREPfiaqE3m3

                                         
                                         35.156.135.59
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:34 GMT
Content-Length: 294
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: bemob-uniq-visit:75f38136-b41c-4c0e-b9aa-627a90e104da=1; Domain=a07y2.bemobtrk.com; Path=/; Expires=Sat, 10 Nov 2018 13:57:34 GMT; HttpOnly bemob-track-url=https%3A%2F%2Flp3.september17.website%2F%3Fbemobdata%3Dc%253D75f38136-b41c-4c0e-b9aa-627a90e104da..a%253D0..b%253D0..e%253DDuUirv6ZW2bREPfiaqE3m3; Domain=a07y2.bemobtrk.com; Path=/; Expires=Sat, 10 Nov 2018 13:57:34 GMT; HttpOnly
Location: https://lp3.september17.website/?bemobdata=c%3D75f38136-b41c-4c0e-b9aa-627a90e104da..a%3D0..b%3D0..e%3DDuUirv6ZW2bREPfiaqE3m3
Vary: Accept
X-Response-Time: 7.800ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubDomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   294
Md5:    699ce2194ab70e73389c5b965fcb862a
Sha1:   584fb65fd0034adba1393818fc0d6fefdbb8fe4f
Sha256: 0fff082cc205b784c955536ee770d416d11f865a71bcb48f6226aff69ccb978d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         80.239.159.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "A6AF246EF13787B54F9A7B192742DE2270FED9C1F935176BD94677C088E677D8"
Last-Modified: Wed, 07 Nov 2018 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43192
Expires: Sat, 10 Nov 2018 01:57:27 GMT
Date: Fri, 09 Nov 2018 13:57:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    858118faf0e101f4b900d0480971c65d
Sha1:   13fd0c40b6e3f45b085dbdfa82bedffb6547b3b7
Sha256: a6af246ef13787b54f9a7b192742de2270fed9c1f935176bd94677c088e677d8
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.159.17
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 08 Nov 2018 22:02:15 GMT
Etag: "1700102a10e2e1328fa48e8130e999f48e997e90"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=10405
Expires: Fri, 09 Nov 2018 16:51:00 GMT
Date: Fri, 09 Nov 2018 13:57:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    ccf490a79ed77b65e6474e309ad84595
Sha1:   1700102a10e2e1328fa48e8130e999f48e997e90
Sha256: d9ead7afef5b2180411b6688639084a3c3615107ccd897ed1519cf986ad72606
                                        
                                            GET /?bemobdata=c%3D75f38136-b41c-4c0e-b9aa-627a90e104da..a%3D0..b%3D0..e%3DDuUirv6ZW2bREPfiaqE3m3 HTTP/1.1 
Host: lp3.september17.website
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         138.197.13.183
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 01 Nov 2018 13:47:29 GMT
Etag: W/"33c9-5799aa8e41e40"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7277
Md5:    6395c39e2cdf4776cba407ec664ea74b
Sha1:   44b389abb4e942da21b90aa731193ca111fb1580
Sha256: 8a0ca31cef847f1c95b194b1b1249e15c54e9637d0a7285eec9bc5b563e9e799
                                        
                                            POST / HTTP/1.1 
Host: status.rapidssl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=145928
Date: Fri, 09 Nov 2018 13:57:35 GMT
Etag: "5be4e7c8-1d7"
Expires: Sun, 11 Nov 2018 06:29:43 GMT
Last-Modified: Fri, 09 Nov 2018 01:50:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ce5458d63812fd6c1fc7a912d3536ae9
Sha1:   c8929c241b5a9d737a3ee6d428a0de9aceb420f8
Sha256: 8543820b90db7f5236995f03770ece4e9a80225c58ef43f2ae8caf1b3ee39ccf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=111657
Date: Fri, 09 Nov 2018 13:57:35 GMT
Etag: "5be48c67-1d7"
Expires: Sat, 10 Nov 2018 20:58:32 GMT
Last-Modified: Thu, 08 Nov 2018 19:20:07 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    fe8fc7a6be8c4bb25d7f6d9a4f24733f
Sha1:   1600bcdaeb616365621392bccccb8db99c0f9495
Sha256: 39a237fdebecd2474442cc2ccde463159676ca457117b5d088aafd2c02842eda
                                        
                                            GET /ntfc.php?p=1685525 HTTP/1.1 
Host: basepush.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lp3.september17.website/?bemobdata=c%3D75f38136-b41c-4c0e-b9aa-627a90e104da..a%3D0..b%3D0..e%3DDuUirv6ZW2bREPfiaqE3m3

                                         
                                         188.72.202.124
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: SeenToday=1; expires=Sat, 10-Nov-2018 13:57:35 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 10-Nov-2018 13:57:35 GMT; Max-Age=86400; path=/ oaidts=1541771855; expires=Sat, 09-Nov-2019 13:57:35 GMT; Max-Age=31536000; path=/ OAID=b1ee79f04135d4b32587d37a33561472; expires=Sat, 09-Nov-2019 13:57:35 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4260
Md5:    9559f67031ea0a9c0991f4f1e6eb7c8e
Sha1:   666879f29f4845193c35daddc30e62e2dd580268
Sha256: b45a3589221b22be7dc54ca52598c588415c63769291815d8cdd5df1b8d8001e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: lp3.september17.website
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         138.197.13.183
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   290
Md5:    ea90ef5beb6f362a7380690d91aaca46
Sha1:   76b104415e1f85cd6d23451acec9e8283d520750
Sha256: 0a093b21c0e482b2a802b83a961b38e2d14d25826187c2edaa577846827d1dbe
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: lp3.september17.website
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         138.197.13.183
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   290
Md5:    ea90ef5beb6f362a7380690d91aaca46
Sha1:   76b104415e1f85cd6d23451acec9e8283d520750
Sha256: 0a093b21c0e482b2a802b83a961b38e2d14d25826187c2edaa577846827d1dbe
                                        
                                            POST / HTTP/1.1 
Host: status.rapidssl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=143898
Date: Fri, 09 Nov 2018 13:57:50 GMT
Etag: "5be49819-1d7"
Expires: Sun, 11 Nov 2018 05:56:08 GMT
Last-Modified: Thu, 08 Nov 2018 20:10:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    834a9ea3c7b56f009e7c11bc85114ebc
Sha1:   cd92dea720f5e1857a2eced29febb94faacdd904
Sha256: 8ed5a987734e785a99199373aaad832a5a3d92a505b61e496bc977fdac785109
                                        
GET /afu.php?zoneid=1671343&var=%7Bcustom1%7D HTTP/1.1
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lp3.september17.website/?bemobdata=c%3D75f38136-b41c-4c0e-b9aa-627a90e104da..a%3D0..b%3D0..e%3DDuUirv6ZW2bREPfiaqE3m3

                                         
188.42.162.193
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Sat, 10-Nov-2018 13:57:50 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 10-Nov-2018 13:57:50 GMT; Max-Age=86400; path=/ oaidts=1541771870; expires=Sat, 09-Nov-2019 13:57:50 GMT; Max-Age=31536000; path=/ OAID=c3967c2c9c955fc2c3bdc38ca20c6e85; expires=Sat, 09-Nov-2019 13:57:50 GMT; Max-Age=31536000; path=/ OXVAR=%7Bcustom1%7D; expires=Sat, 10-Nov-2018 13:57:50 GMT; Max-Age=86400; path=/ OAID=c3967c2c9c955fc2c3bdc38ca20c6e85; expires=Sat, 09-Nov-2019 13:57:50 GMT; Max-Age=31536000; path=/ exsdsf=1541771870 pbk3=d5717a3fd0ceb9d7d9f833512cdcf6196621859760623799131; expires=Fri, 09-Nov-2018 14:07:50 GMT; Max-Age=600 ltm_afu=1; expires=Sat, 10-Nov-2018 13:57:50 GMT; Max-Age=86400; path=/
X-Frame-Options: DENY
P3P: CP="CUR ADM OUR NOR STA NID"
X-Used-AdExchange: 1
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4866
Md5:    b44e396b8d5f7680b3556a8243e902f6
Sha1:   9dc8d1b76ed17a059fb84fc386fd468a24c02f03
Sha256: 41c1fdf5229f5253c5388d8d51a837ef1616dcc15c6d95a5158b0f4ece2c87fe
                                        
GET /favicon.ico HTTP/1.1
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1541771870; OAID=c3967c2c9c955fc2c3bdc38ca20c6e85; OXVAR=%7Bcustom1%7D; exsdsf=1541771870; pbk3=d5717a3fd0ceb9d7d9f833512cdcf6196621859760623799131; ltm_afu=1

                                         
188.42.162.193
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:51 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
GET /?r=%2Fmb%2Fhan&pbk3=d5717a3fd0ceb9d7d9f833512cdcf6196621859760623799131&empty=0&auction_id=c740f22f-98fb-4415-a3de-a31f7db58a86&var=%7Bcustom1%7D&uuid=4b63d64c-a8d8-44d7-b0df-e8d6c378eec4&ad_scheme=1&rotation_type=2&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=2186&adparams=bm9qcz0wJnNhdmVkX3JlZmVyZXI9aHR0cHMlM0ElMkYlMkZscDMuc2VwdGVtYmVyMTcud2Vic2l0ZSUyRiUzRmJlbW9iZGF0YSUzRGMlMjUzRDc1ZjM4MTM2LWI0MWMtNGMwZS1iOWFhLTYyN2E5MGUxMDRkYS4uYSUyNTNEMC4uYiUyNTNEMC4uZSUyNTNERHVVaXJ2NlpXMmJSRVBmaWFxRTNtMw%3D%3D&ip=f3d5bb63c9dbdcfb475795d659c65a4e&zoneid=1671343&x=1176&y=727&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=727&wfc=0&pl=https%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1671343%26var%3D%257Bcustom1%257D&drf=https%3A%2F%2Flp3.september17.website%2F%3Fbemobdata%3Dc%253D75f38136-b41c-4c0e-b9aa-627a90e104da..a%253D0..b%253D0..e%253DDuUirv6ZW2bREPfiaqE3m3&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&hil=undefined&id=f7ca6e27b34265d2206f26ed2db80cef&co=1&rf=1&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&sf_type=1&timeout=0 HTTP/1.1
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://bestadbid.com/afu.php?zoneid=1671343&var=%7Bcustom1%7D
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1541771870; OAID=c3967c2c9c955fc2c3bdc38ca20c6e85; OXVAR=%7Bcustom1%7D; exsdsf=1541771870; pbk3=d5717a3fd0ceb9d7d9f833512cdcf6196621859760623799131; ltm_afu=1

                                         
188.42.162.193
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=RPQWQs7C-73Kr2Q8JPjiMNahgzhnlkNwFsCTsQ9LSR4; expires=Fri, 16-Nov-2018 13:57:51 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 10-Nov-2018 13:57:51 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Sat, 10-Nov-2018 13:57:51 GMT; Max-Age=86400; path=/ ppucntstart=1541771871; expires=Sat, 10-Nov-2018 13:57:51 GMT; Max-Age=86400; path=/ allcnt=1; expires=Sat, 09-Nov-2019 13:57:51 GMT; Max-Age=31536000; path=/ OAID=c3967c2c9c955fc2c3bdc38ca20c6e85; expires=Sat, 09-Nov-2019 13:57:51 GMT; Max-Age=31536000; path=/ _OACCAP[1239734]=1; expires=Sat, 09-Nov-2019 13:57:51 GMT; Max-Age=31536000; path=/ _OACBLOCK[1239734]=1541771871; expires=Sun, 09-Dec-2018 13:57:51 GMT; Max-Age=2592000; path=/ _OXCCLK[1239734]=1; expires=Sat, 09-Nov-2019 13:57:51 GMT; Max-Age=31536000; path=/ _OXPCLK[130455]=1; expires=Sat, 09-Nov-2019 13:57:51 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://speednetwork14.adk2x.com/imp?p=70553109&ct=html&ap=1303&iss=0&f=0&psid=1671343
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
GET /imp?p=70553109&ct=html&ap=1303&iss=0&f=0&psid=1671343 HTTP/1.1
Host: speednetwork14.adk2x.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
130.211.54.133
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Fri, 09 Nov 2018 13:57:52 GMT
Location: http://speednetwork14.adk2x.com/ul_cb/imp?p=70553109&ct=html&ap=1303&iss=0&f=0&psid=1671343
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: xuuid=5a78d395-ff65-4cb1-995f-44ea81d6e2f4; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com xuuid_lu=1541771872; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com


--- Additional Info ---
                                        
GET /ul_cb/imp?p=70553109&ct=html&ap=1303&iss=0&f=0&psid=1671343 HTTP/1.1
Host: speednetwork14.adk2x.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: xuuid=5a78d395-ff65-4cb1-995f-44ea81d6e2f4; xuuid_lu=1541771872

                                         
130.211.54.133
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Fri, 09 Nov 2018 13:57:52 GMT
Location: http://adserving.unibet.com/redirect.aspx?bid=23705&pid=2100956&sref=MTM&MTM=82032423
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: xuuid=5a78d395-ff65-4cb1-995f-44ea81d6e2f4; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com xuuid_lu=1541771872; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com ih=!82032423,311014672; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com dh=!81574724,311014672; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com lcri5m=!82032424,1,311014672; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com lcai9h=!70556276,1,311014672; path=/; expires=Sun, 08-Nov-2020 13:57:52 GMT; domain=.adk2x.com


--- Additional Info ---
                                        
GET /redirect.aspx?bid=23705&pid=2100956&sref=MTM&MTM=82032423 HTTP/1.1
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
85.184.96.10
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Fri, 09 Nov 2018 13:57:52 GMT
Content-Length: 162
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?bid=23705&pid=2100956&sref=MTM&MTM=82032423
Server: kindred-loadbalancer
Strict-Transport-Security: max-age=63072000; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
X-DD-Host: inf5285


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
GET /favicon.ico HTTP/1.1
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1541771870; OAID=c3967c2c9c955fc2c3bdc38ca20c6e85; OXVAR=%7Bcustom1%7D; exsdsf=1541771870; pbk3=d5717a3fd0ceb9d7d9f833512cdcf6196621859760623799131; ltm_afu=1; f3d5bb63c9dbdcfb475795d659c65a4e=RPQWQs7C-73Kr2Q8JPjiMNahgzhnlkNwFsCTsQ9LSR4; ppucnt=1; ppucntstart=1541771871; allcnt=1; _OACCAP[1239734]=1; _OACBLOCK[1239734]=1541771871; _OXCCLK[1239734]=1; _OXPCLK[130455]=1

                                         
188.42.162.193
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 09 Nov 2018 13:57:54 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
GET /redirect.aspx?bid=23705&pid=2100956&sref=MTM&MTM=82032423 HTTP/1.1
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
0.0.0.0
                                        


--- Additional Info ---