Overview

URL kadoshturismo.com.br/wp-content/themes/indexx1.html
IP 191.252.105.234
ASN
Location Brazil
Report completed 2017-09-22 04:33:46 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-09-22 2 kadoshturismo.com.br/wp-content/themes/indexx1.html Phishing
2017-09-22 2 kadoshturismo.com.br/js/FS.swf Phishing
2017-09-22 2 www.kadoshturismo.com.br/js/FS.swf Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 191.252.105.234

Date | UQ / IDS / BL | URL | IP
2017-11-13 00:16:06 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-admin/user/in (...) | 191.252.105.234
2017-11-06 17:18:11 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-06 08:08:38 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-06 06:41:48 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-04 05:35:49 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-03 18:17:37 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-09-28 00:02:05 +0200 | 0 - 0 - 0 | frtrg.co.in/.1/?email=premiumseating@rosebowl (...) | 191.252.105.234
2017-09-26 11:32:32 +0200 | 0 - 0 - 0 | https://janku.co.in/L/?email=ux@verint.com | 191.252.105.234
2017-09-25 17:21:12 +0200 | 0 - 0 - 0 | https://janku.co.in/L/? | 191.252.105.234
2017-09-21 22:54:04 +0200 | 0 - 0 - 3 | https://kadoshturismo.com.br/wp-content/theme (...) | 191.252.105.234

Last 10 reports on ASN:

Date | UQ / IDS / BL | URL | IP
2017-11-25 01:01:42 +0100 | 0 - 0 - 0 | https://www.eventbrite.com/e/live-streaming-m (...) | 34.203.126.169
2017-11-25 00:59:36 +0100 | 0 - 1 - 1 | adtrkr9.com/s/1fd3fedf-c495-43e2-ba18-71c62a4 (...) | 34.215.74.200
2017-11-25 00:58:35 +0100 | 3 - 0 - 0 | bu5dphwatch.jurig.4pu.com/22/invaders_of_the_ (...) | 173.212.192.112
2017-11-25 00:58:20 +0100 | 0 - 0 - 0 | https://www.eventbrite.com/e/live-streaming-h (...) | 34.224.9.38
2017-11-25 00:55:34 +0100 | 0 - 0 - 1 | particulier-societegenral.com/Identification/ (...) | 209.182.201.247
2017-11-25 00:54:34 +0100 | 0 - 0 - 0 | www.eventbrite.com/e/live-streaming-toronto-r (...) | 34.202.46.121
2017-11-25 00:52:09 +0100 | 0 - 0 - 2 | www.qychly.com/news/show/id/129.html | 160.202.90.103
2017-11-25 00:52:07 +0100 | 0 - 0 - 0 | https://www.crowdrise.com/o/en/campaign/fullw (...) | 52.9.186.20
2017-11-25 00:50:20 +0100 | 0 - 0 - 0 | https://www.eventbrite.com/e/live-streaming-n (...) | 34.203.126.169
2017-11-25 00:46:55 +0100 | 0 - 0 - 0 | https://www.eventbrite.com/e/live-streaming-a (...) | 34.203.126.169

Last 7 reports on domain: kadoshturismo.com.br

Date | UQ / IDS / BL | URL | IP
2017-11-13 00:16:06 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-admin/user/in (...) | 191.252.105.234
2017-11-06 17:18:11 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-06 08:08:38 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-06 06:41:48 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-04 05:35:49 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-11-03 18:17:37 +0100 | 0 - 0 - 1 | https://kadoshturismo.com.br/wp-content1/intel.htm | 191.252.105.234
2017-09-21 22:54:04 +0200 | 0 - 0 - 3 | https://kadoshturismo.com.br/wp-content/theme (...) | 191.252.105.234


JavaScript

Executed Scripts (28)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 270, repeated: 1) - SHA256: 38229b93f51f053c77c2fdb0429fe715e75c46b9424d3c0facad1fc7c959b30a

<embed src="/js/FS.swf"
       width="0%"
       height="0%"
       align="middle"
       id="FS"
       quality="high"
       bgcolor="#869ca7"
       name="/js/FS"
       flashvars="cn=dp&p=/"
       allowScriptAccess="sameDomain"
       pluginspage="http://www.adobe.com/go/getflashplayer"
       type="application/x-shockwave-flash"></embed>
                                    


HTTP Transactions (71)


Request Response
                                        
                                            GET /wp-content/themes/indexx1.html HTTP/1.1 
Host: kadoshturismo.com.br
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         191.252.105.234
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 22 Sep 2017 02:33:12 GMT
Server: Apache
Last-Modified: Wed, 06 Sep 2017 08:32:11 GMT
Accept-Ranges: bytes
Content-Length: 19465
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII HTML document text, with very long lines, with CRLF line terminators
Size:   19465
Md5:    9bf5cde1c5bca9464b435269b9d880ab
Sha1:   59420e896698af262ab9cb0270599d9ee0626168
Sha256: 7a8f19165be9ee668abd5b850a7586f46fbda1e7a87d12f8f27e5802d1340185

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:13 GMT
Etag: "59c41c9e-1d7"
Expires: Thu, 28 Sep 2017 14:33:13 GMT
Last-Modified: Thu, 21 Sep 2017 20:10:06 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    adb77c0668275d6ebeebef5c4fa7e881
Sha1:   dbb7c585d0733c4355979c5cf1083f846f5a3c85
Sha256: 8c8c31c677eb92f4e4e1b3c195e8564b5b8ad9bb6f8823a1172e91e775ef2d08
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:13 GMT
Etag: "59c44e11-1d7"
Expires: Thu, 28 Sep 2017 14:33:13 GMT
Last-Modified: Thu, 21 Sep 2017 23:41:05 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    5e9d52f2bf3591b20b3772d1b5180c04
Sha1:   ca6d5ed42b0f5266c258924f50caeff2bb373ac3
Sha256: 755ccb2c381c495871f16de1dab2606c4e760552162bd0016bc009d26ada9b75
                                        
                                            GET /aoldotcom-releases/sns/sns-login-screen.js HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Cache-Control: max-age=365000000, immutable
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "aa7e92105fcb20f079dd23cd77cccf32+gzip"
Last-Modified: Wed, 31 May 2017 18:09:00 GMT
Server: ECAcc (arn/4697)
Vary: Accept-Encoding
x-amz-id-2: FVneLr/tQdre6YAMuIGjmEHVpI8ay/2QUc1gqhGFRo2oUg+WQEpm+hbLTiNko1y41UZw3KLuVlw=
x-amz-request-id: 496FC0399FDA475F
X-Cache: HIT
Content-Length: 4847


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed May 31 20:09:00 2017
Size:   4847
Md5:    1e29de3e6bf5513bcc88ee4d21c0c09d
Sha1:   93f89e9b7b47444ef631f1ec6bb60c88c3460b4c
Sha256: f8c4483a33a955b0545cf37e005e9624288183c2634a96549aafbee90c14d782
                                        
                                            GET /os/landingpages/css/multiformat-ad.css HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Cache-Control: public, max-age=604800
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "81c787639f0edbdfc31cc3233c820a60+gzip"
Last-Modified: Wed, 29 Mar 2017 00:38:47 GMT
Server: ECAcc (arn/45BA)
Vary: Accept-Encoding
x-amz-id-2: 5CTT9k6vdTueG518YXPNpJQrPGsILtItqENmFDUYYyqtfR8Zv27T27mTdM8dtaWKlZQwvJBfvhg=
x-amz-request-id: E1CFD0B17373F827
X-Cache: HIT
Content-Length: 493


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed Mar 29 02:38:47 2017
Size:   493
Md5:    c4100f2a7e0472e8018292a9c10c7d4e
Sha1:   172ad426c09cac2b54ff998efdc0593753b4ab2e
Sha256: 1981cf964da009170cecfc61119c5993463942882136efeda97649f9b6e91e20
                                        
                                            GET /os/landingpages/images/error.gif HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "0c8daa3780d67dae9aa8a916a83b00e2"
Last-Modified: Wed, 29 Mar 2017 00:41:25 GMT
Server: ECAcc (arn/45B6)
x-amz-id-2: R13hoaI94aahEMg8MJrl3MJcr2FhDRhyJms/wk8UIQGnV7KbI/TlEA0x0LLEgFC8SC/Rm3lWlus=
x-amz-request-id: CE07A759AC45FB5D
X-Cache: HIT
Content-Length: 1021


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16
Size:   1021
Md5:    0c8daa3780d67dae9aa8a916a83b00e2
Sha1:   910892da7315835e91a0a67892ffa4874c94f54f
Sha256: 07981e5b5f4c84246a00de0212f7f4af17cae9e45c4bdf357ced2cad8a1bbc32
                                        
                                            GET /os/landingpages/js/ready.min.js HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Cache-Control: public, max-age=604800
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "a2f71869185314d3a8f6729c1dcde337+gzip"
Last-Modified: Wed, 29 Mar 2017 00:42:24 GMT
Server: ECAcc (arn/45D8)
Vary: Accept-Encoding
x-amz-id-2: J3w5t/Gtptf4/FM8rghHKWjziipgHRDNOdG59sTyXpiPoGA4fx1rt2WkbZKDwmr2gD7K58PTYO0=
x-amz-request-id: AC522A1756FDA824
X-Cache: HIT
Content-Length: 329


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed Mar 29 02:42:24 2017
Size:   329
Md5:    9b469c143413f5bc0a25d1aaec92f63e
Sha1:   aac4c4dd4ab4d621fae7e31c9b98050874c4caff
Sha256: 518ae1d20835fa11a691841de90da74ea94ba160e8de3af3710cf73f6f5201da
                                        
                                            GET /os/landingpages/js/sns_v11r11_1/snslanding.js HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Cache-Control: public, max-age=604800
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "5b4712a5911177ce0445f76dddadb6ef+gzip"
Last-Modified: Wed, 29 Mar 2017 00:42:25 GMT
Server: ECAcc (arn/45CE)
Vary: Accept-Encoding
x-amz-id-2: M6q4kG2YFx5G6vz58ly4XPQaflvF7iScWdRAUx1puaQbwEIZB9xtoZpUPvCzbQcBMGDMH5W/Bl8=
x-amz-request-id: 938829DE9E6B4047
X-Cache: HIT
Content-Length: 701


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed Mar 29 02:42:25 2017
Size:   701
Md5:    8e77690c47475e424bcca7f6a6f55834
Sha1:   1a0213767b78704b71a3dc895d3fba550a2c23af
Sha256: 879379195e100e79bd0e717a3400659f9344c84d2b4eaad3b839e0b88c8cfbd5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "59c3e01d-1d7"
Expires: Thu, 28 Sep 2017 14:33:14 GMT
Last-Modified: Thu, 21 Sep 2017 15:51:57 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    2482d10b5f84c7bd6bc238a33a395f15
Sha1:   065b76e5d4a41e7b55c9d42dfd9e86ce3a65ca07
Sha256: cb852e02f7d5ec0c1940f630f1f3f5151e436b7e9312b8af30686ecf89cafd57
                                        
                                            GET /os/landingpages/css/hdr_err.css HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Cache-Control: public, max-age=604800
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "9b1cd1705fcde95140f8e435f8b650a1+gzip"
Last-Modified: Wed, 29 Mar 2017 00:38:43 GMT
Server: ECAcc (arn/45B4)
Vary: Accept-Encoding
x-amz-id-2: TjgxHVQQnVj1gc7PcCTz761EHw226LokWP0oJFvIVwDh5klPMPWiqz6CTXdctsHU6AiUhxtbewA=
x-amz-request-id: 5C86DBA2DAA6C4DD
X-Cache: HIT
Content-Length: 344


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed Mar 29 02:38:43 2017
Size:   344
Md5:    e594d887497d1322913ff2f859478e2e
Sha1:   d424221c810b8474ba184cb38408f914e87ebdae
Sha256: 3bbacd403938b441f1cde83bcf2ac489c5ffcad2ef6d8c7c4d03959d638688d7
                                        
                                            GET /os/landingpages/css/sns_v11r11_1/snslanding.css HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Cache-Control: public, max-age=604800
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "3611224aacac0b81c06ce6bc75dd684f+gzip"
Last-Modified: Wed, 29 Mar 2017 00:38:51 GMT
Server: ECAcc (arn/45B0)
Vary: Accept-Encoding
x-amz-id-2: qEtkNiTSoVdsxAJzAx6PBnZ3Ns0iGyx36f/h/pGysjpSGrCEmG0J3Asuez7VyTcn+GBTGQZgL5I=
x-amz-request-id: 486704F1A2308871
X-Cache: HIT
Content-Length: 387533


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed Mar 29 02:38:51 2017
Size:   387533
Md5:    5f2c21822fcdc7e54cbe077792ab12c6
Sha1:   3f17dde82dfcaea3657135e7cf5857d7bfa71bf8
Sha256: 09d2613d3199ec89bed573b274626d1c7f25204a389d28d09c0d72dcbc88b797
                                        
                                            GET /sns.v17r6/style/lpUiStyles.css HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Age: 1383656
Date: Wed, 06 Sep 2017 02:14:10 GMT
Expires: Fri, 06 Oct 2017 02:14:11 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: AOL-CACHE
Etag: "KXGELCCNGHKXW"
Server: Auth_Server
Accept-Ranges: bytes
Cteonnt-Length: 11275
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=996
Content-Encoding: gzip
Content-Length: 3433


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3433
Md5:    ad783051a62743fb423eeb218a58a1e5
Sha1:   c48484cd1bc24f745ef16572a5fe5fbe450c221c
Sha256: 7a8358dcd3cb5c697e32cbb1d29255bfa4dbe2cb9157bc7729ccf320eb68849e
                                        
                                            GET /aoldotcom-releases/sns/sns-login-screen.css HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
Content-Encoding: gzip
Cache-Control: max-age=365000000, immutable
Date: Fri, 22 Sep 2017 02:33:14 GMT
Etag: "07e54e34645f70b81d213ae7f0f8e5af+gzip"
Last-Modified: Tue, 18 Apr 2017 17:57:36 GMT
Server: ECAcc (arn/45AD)
Vary: Accept-Encoding
x-amz-id-2: ul1GrFTuei1euCHfUhchDOQ366EWwulw6Q4HeGKKE0EVZ8aHM3cCMEEuz05+U/KMFu7qcD0qCls=
x-amz-request-id: 0F7CEE71BEA80B8A
X-Cache: HIT
Content-Length: 542


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Tue Apr 18 19:57:36 2017
Size:   542
Md5:    45e41501493ae4a546dea47e7336766e
Sha1:   28fa141e62c8f3d6c1fc745ffb2a154292788313
Sha256: 03d01b8ed4270ea5fb756f12d3baa18c51881a3ed3d23d83bf497f983cf47bbe
                                        
                                            GET /sns.v17r6/images/lp-ui-logo-header.svg HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 22 Sep 2017 02:33:14 GMT
Server: Auth_Server
Accept-Ranges: bytes
Content-Length: 1330
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=1000
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text
Size:   1330
Md5:    221797b1861e1edf8158ea77436dac61
Sha1:   65fffa15cfef1df6c4859f6a5423c9bcbaa01783
Sha256: 64cc82939599ae62a09db24a8daaa3c0dd6118fba01a94be9e6ab8c68e3b7352
                                        
                                            GET /sns.v17r6/style/fonts/openSans.css HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sns-static.aolcdn.com/sns.v17r6/style/lpUiStyles.css

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 22 Sep 2017 02:33:14 GMT
Server: Auth_Server
Accept-Ranges: bytes
Cteonnt-Length: 604073
Cache-Control: max-age=2592000
Expires: Sun, 22 Oct 2017 02:33:14 GMT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=1000
Connection: Keep-Alive
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   500269
Md5:    1baf5ebe7b3647cac913b0b196e0001f
Sha1:   8072165bf725fc0f5dea3c97d9d59b63e6dae598
Sha256: 5eb4e397651b2f4dedcd2d8e51f54cefbb351dfc530f731728fe10929067f9fa
                                        
                                            GET /sns.v17r6/js/lpUi.js HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Age: 1383657
Date: Wed, 06 Sep 2017 02:14:11 GMT
Expires: Fri, 06 Oct 2017 02:14:11 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: AOL-CACHE
Etag: "KXGELCCNGHZWW"
Server: Auth_Server
Accept-Ranges: bytes
Cteonnt-Length: 11058
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=974
Content-Encoding: gzip
Content-Length: 4070


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4070
Md5:    a22211058882586d98d6c91fdb900add
Sha1:   b3fb28fb81aa15d5db53101d29271c24a6091e3b
Sha256: 37c6ede236581d5b08b4219adb5e4e40049d8f803be78c2213ca15f77c84cae6
                                        
                                            GET /sns.v17r6/js/util.js HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Age: 1383660
Date: Wed, 06 Sep 2017 02:14:09 GMT
Expires: Fri, 06 Oct 2017 02:14:09 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: AOL-CACHE
Etag: "KXGELCCNGHZXW"
Server: Auth_Server
Accept-Ranges: bytes
Cteonnt-Length: 27946
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=981
Content-Encoding: gzip
Content-Length: 10538


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10538
Md5:    c90a96366c7605ca0f2364800fca3faf
Sha1:   ac7b48ae36f69d59442f28d2da8247792ad21a28
Sha256: 86d38ecabbd739327f8d27f6ccd77696ed6f62eb2885a2d17925a6ebb2836079
                                        
                                            GET /sns.v17r6/js/AC_OETags.js HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Age: 1383657
Date: Wed, 06 Sep 2017 02:14:11 GMT
Expires: Fri, 06 Oct 2017 02:14:11 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: AOL-CACHE
Etag: "KXGELCCNGHSVW"
Server: Auth_Server
Accept-Ranges: bytes
Cteonnt-Length: 4336
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=958
Content-Encoding: gzip
Content-Length: 1744


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1744
Md5:    a2f6c44403f9f4c66e6c8bef93ec56b9
Sha1:   b88470067a0ebf382812ebe7a4f19d41ed721dc4
Sha256: 6dc478175d2e713c6ec0d7d8880de199d4385b8a1942886335512f60cb6fac51
                                        
                                            GET /sns.v17r6/js/fs.js HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Age: 1383657
Date: Wed, 06 Sep 2017 02:14:11 GMT
Expires: Fri, 06 Oct 2017 02:14:11 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: AOL-CACHE
Etag: "KXGELCCNGHYXW"
Server: Auth_Server
Accept-Ranges: bytes
Cteonnt-Length: 1329
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=980
Content-Encoding: gzip
Content-Length: 796


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   796
Md5:    4321664e0af8b1e9ecdfc3a02100b9cf
Sha1:   3a2a0a873eba81d0f959cc038029400692b81864
Sha256: 1ff02d390523bc712ac33ca8fe1ac9b6fd1f4c737ead34190b0422c7d1775e8a
                                        
                                            GET /sns.v17r6/images/lp-ui-logo-header.svg HTTP/1.1 
Host: sns-static.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         195.93.85.179
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 22 Sep 2017 02:33:16 GMT
Server: Auth_Server
Accept-Ranges: bytes
Content-Length: 1330
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15, max=999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text
Size:   1330
Md5:    221797b1861e1edf8158ea77436dac61
Sha1:   65fffa15cfef1df6c4859f6a5423c9bcbaa01783
Sha256: 64cc82939599ae62a09db24a8daaa3c0dd6118fba01a94be9e6ab8c68e3b7352
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:17 GMT
Etag: "59c3c84a-1d7"
Expires: Thu, 28 Sep 2017 14:33:17 GMT
Last-Modified: Thu, 21 Sep 2017 14:10:18 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6ef42c9e57515260f0fb7cfe85fab81b
Sha1:   d27ebb4c6f165fc01aab7f46b0a51edf5c55aa11
Sha256: 1cad1eb309ebd8a96dcdf6fcd1a90bd839c3bbf5d15c9247348f5abd3d13cbd4
                                        
                                            GET /os/aol/beacon.min.js HTTP/1.1 
Host: o.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Encoding: gzip
Date: Fri, 22 Sep 2017 02:33:19 GMT
Etag: "4807bf87c7358e9228c18c71db9f5678+gzip"
Last-Modified: Thu, 01 Jun 2017 16:56:10 GMT
Server: ECAcc (arn/4593)
Vary: Accept-Encoding
x-amz-id-2: 7TPGsr45LbPaPl85Mmlnra/ivu4aiAlJ+tk/f6Et25SB6YRx5NIKASxUq8MDbaZBauk9HNHxD9U=
x-amz-replication-status: FAILED
x-amz-request-id: D25A5FF94F7E85FE
x-amz-version-id: HlJxAnhCh46EoLj1b.8PWUNiHTnymU4C
X-Cache: HIT
Content-Length: 8971


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Thu Jun 01 18:56:10 2017
Size:   8971
Md5:    9ac85b7d5e3fbb480869d5044f1b1980
Sha1:   57b63bb8609649496d606aeb946e66f81f1f6c62
Sha256: 5048c10551ac4f8952a3c62f71549b7031ea1d81c5c9098d778e4127aa250b4e
                                        
                                            GET /os/aol/omniture.min.js HTTP/1.1 
Host: o.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Encoding: gzip
Date: Fri, 22 Sep 2017 02:33:19 GMT
Etag: "0331fc89ed853115dbf0946b3baba365+gzip"
Last-Modified: Wed, 17 May 2017 17:11:33 GMT
Server: ECAcc (arn/4594)
Vary: Accept-Encoding
x-amz-id-2: z3keE+RMchEvwmKkkthHw9fuFqnm1gI1TcM5bVnoP5yQRe9wk/ysMnuCGv669pkv9JifTNnMJJQ=
x-amz-replication-status: FAILED
x-amz-request-id: C4274FAF8B690FE5
x-amz-version-id: I5RbSbURtQ7raxhUNHHolSqpX.D6C4DN
X-Cache: HIT
Content-Length: 31238


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed May 17 19:11:33 2017
Size:   31238
Md5:    285bc8aa3a8b165547870bf837bd4762
Sha1:   c4ace92fd60f89119b307f88836eb57dc163f46c
Sha256: dca7620570f295b82253e7ddb03b43edf0a738a72b868604fa0095dac69a8986
                                        
                                            GET / HTTP/1.1 
Host: sns-login-screen.comet.aol.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         52.21.182.232
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Date: Fri, 22 Sep 2017 02:33:19 GMT
request-id: 654eb66a-9f3e-11e7-89be-06726fd7d2e4
Server: Apache
Vary: Accept-Encoding
Via: kong/0.8.1
X-AOL-HN: i-0ebd07328d1d7d846
X-Content-Type-Options: nosniff
X-Kong-Proxy-Latency: 0
X-Kong-Upstream-Latency: 407
X-XSS-Protection: 1; mode=block
Content-Length: 10450
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10450
Md5:    9d9767e3c10504da3c60ab8bfb8cd9a2
Sha1:   6510452c569f283c28278dce12eebc3514aa4bb5
Sha256: 5245849e0a32270e03336ea6c63fffcfd5d7aecef2d27ef73006198e8b4b608f
                                        
                                            GET /aoldotcom-releases/assets/20170921_1245/stylesheets/sns-grid.css HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sns-login-screen.comet.aol.com/

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
Content-Encoding: gzip
Cache-Control: max-age=365000000, immutable
Date: Fri, 22 Sep 2017 02:33:19 GMT
Etag: "cadc3e220b5b46fa64072aaab51595b0+gzip"
Last-Modified: Thu, 21 Sep 2017 16:45:22 GMT
Server: ECAcc (arn/458F)
Vary: Accept-Encoding
x-amz-id-2: SGm1UJQsnIpSpRwaqmJVkXXh1WXttBZjwCVu26zmfeLgxp1qk3khIfgFxeYvov6XRYZRqMhKylI=
x-amz-request-id: 78DB71361CDFDFD0
X-Cache: HIT
Content-Length: 2087


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Thu Sep 21 18:45:22 2017
Size:   2087
Md5:    66c05cc1a1c142b00036f02db72f8044
Sha1:   e4e09ff4b945d9b43e2faeb12e34e16ca128bfb3
Sha256: f225c06d81bc50d584ea343cee9dbf6be65021c11fd1deed9350873fb9387b40
                                        
                                            GET /ads/adsWrapper.js HTTP/1.1 
Host: o.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sns-login-screen.comet.aol.com/

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Cache-Control: public,max-age=86400
Date: Fri, 22 Sep 2017 02:33:19 GMT
Etag: "f7a9aeab7773ec9d723017979cc431e2+gzip"
Last-Modified: Thu, 21 Sep 2017 18:26:56 GMT
Server: ECAcc (arn/45BE)
Vary: Accept-Encoding
x-amz-expiration: expiry-date="Sat, 27 Oct 2018 00:00:00 GMT", rule-id="aolp-prd-o-and-o-uac"
x-amz-id-2: 0U7Rdf+aGz3JokU2//B3w/rRQUBCyDKyyvR73BN97l21ATIpQF2C6Rqx/F7HwncUVSjqFiaEhFU=
x-amz-request-id: 110FD9E7F5A9E780
x-amz-server-side-encryption: AES256
x-amz-version-id: IiAUMX9FKdukTInQId5Tvgwf2OmiE45T
X-Cache: HIT
Content-Length: 15887


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Thu Sep 21 20:26:56 2017
Size:   15887
Md5:    3c45f2aa947a91e1f79ed5371a52b27f
Sha1:   00861a238c210a1ab3d68334268a67d4be53b930
Sha256: 677fcda58a70b93ad54b2749e9703b33bbb842253240238ee8406427c6e8ca1b
                                        
                                            GET /aoldotcom-releases/site/javascripts/jquery-1.12.0.min.js HTTP/1.1 
Host: s.aolcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sns-login-screen.comet.aol.com/

                                         
                                         192.229.221.24
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Encoding: gzip
Date: Fri, 22 Sep 2017 02:33:19 GMT
Etag: "cbb11b58473b2d672f4ed53abbb67336+gzip"
Last-Modified: Wed, 08 Mar 2017 18:49:44 GMT
Server: ECAcc (arn/45D4)
Vary: Accept-Encoding
x-amz-id-2: +h4b2n60WiHxq4wT26BpuXry0kiiHOGZy8BsKZvpGohNWTve9c4K8F6dSM3fp4tUAD5tHdnd6Cg=
x-amz-request-id: 7D9959A18B39E6ED
X-Cache: HIT
Content-Length: 33878


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed Mar 08 19:49:44 2017
Size:   33878
Md5:    15fa693408671b4c99f52611cf3e79b4
Sha1:   4e671553d73fff135fe6711beb0120479b3270cc
Sha256: f07cee5dfd819934fc98ecc8e0434f3057c473e4766bda973fb2e7e6c74e7617
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:19 GMT
Etag: "59c3ba4b-1d7"
Expires: Thu, 28 Sep 2017 14:33:19 GMT
Last-Modified: Thu, 21 Sep 2017 13:10:35 GMT
Server: ECS (arn/45E2)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    157ef3615286ca0b8f624d6fc420ea77
Sha1:   c0884252cf010f9da499b401e28d6d07c2b461c4
Sha256: ba1dab918fa0efd7c3966a8394a363d829c390683fc0047d19d50e042c3a1f1c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:20 GMT
Etag: "59c45e55-1d7"
Expires: Thu, 28 Sep 2017 14:33:20 GMT
Last-Modified: Fri, 22 Sep 2017 00:50:29 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ffde588a2e3d90d39b7b7cb7624a027a
Sha1:   b5b0484badeafc35ea60df2fa179e2e54796625f
Sha256: 163436e14951df20759f9cb76b3806d15955e5f47f8b67318f05dfe35fcdb492
                                        
                                            GET /_media/uac/guid.html HTTP/1.1 
Host: cdn.at.atwola.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sns-login-screen.comet.aol.com/

                                         
                                         152.195.39.2
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Cache-Control: public,max-age=86400
Date: Fri, 22 Sep 2017 02:33:20 GMT
Etag: "9587569808fd9acc994ca34d49fb56e3+gzip"
Last-Modified: Tue, 18 Apr 2017 18:51:24 GMT
Server: ECS (arn/467B)
Vary: Accept-Encoding
x-amz-expiration: expiry-date="Thu, 24 May 2018 00:00:00 GMT", rule-id="aolp-prd-o-and-o-uac"
x-amz-id-2: ZPGotkFR0EencOXJbZa4Cnb/F3C1W9X10hQ25wpZhovw0wCabzpl0nu5Go6flvw+/RhF0DCt6T8=
x-amz-request-id: E89D49D50ABA10DC
x-amz-server-side-encryption: AES256
x-amz-version-id: E9ZfsnLOLw5nxvrzAbmYGa0mYdqTTNhV
X-Cache: HIT
Content-Length: 438


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Tue Apr 18 20:51:24 2017
Size:   438
Md5:    0f9eec954b0697363b3c6889b8289d07
Sha1:   1a5a89963b99ac4686b1b9978d0098d1f234a867
Sha256: f6da2c61bf702ab172eee6230188ba15cae8c2401f4b5fa9f9d41f7ae05ccc55
                                        
                                            GET /_media/uac/tcode3.html HTTP/1.1 
Host: cdn.at.atwola.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sns-login-screen.comet.aol.com/

                                         
                                         152.195.39.2
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Cache-Control: public,max-age=86400
Date: Fri, 22 Sep 2017 02:33:20 GMT
Etag: "ca22f2d694325bbcf835f21984573012+gzip"
Last-Modified: Tue, 08 Aug 2017 15:35:11 GMT
Server: ECS (arn/4679)
Vary: Accept-Encoding
x-amz-expiration: expiry-date="Thu, 13 Sep 2018 00:00:00 GMT", rule-id="aolp-prd-o-and-o-uac"
x-amz-id-2: I355gKI8zlcA1F21AMyjTCqN3VH+0uQ8qqjrNViW+CogK0tkG+pCVUZuf8C4eeLT7KFxMkqypjo=
x-amz-request-id: 84E5FB29B1FDFC31
x-amz-server-side-encryption: AES256
x-amz-version-id: UFC2sqgacGsk.CQ3p5PdZ3Zbvd8qcouP
X-Cache: HIT
Content-Length: 2037


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Tue Aug 08 16:03:39 2017
Size:   2037
Md5:    276979aac466629abf459165c50d0daa
Sha1:   8fa8f8f6ad8a43453046aaee795195ec146e679c
Sha256: 6b4a4813328c687bfdbe439e9b22012d5f4eb25892a29816a346486ee74b50e2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 103
Content-Type: application/ocsp-request

                                         
                                         104.123.128.217
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Content-Length: 2111
Last-Modified: Thu, 21 Sep 2017 20:13:57 GMT
Etag: "FFEA957C045C7F4C82E66B6A7EE3977ACC828FAA"
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 22 Sep 2017 03:33:20 GMT
Date: Fri, 22 Sep 2017 02:33:20 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2111
Md5:    e71808d56cc696b620a149bd7796150e
Sha1:   b1be93420315ead71b7762547cccf44f7a77bcc1
Sha256: 4b4a0137228d55f6338cfaa2057643558aa89e6a02a6b1af162745f66e453560
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 103
Content-Type: application/ocsp-request

                                         
                                         104.123.128.217
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Content-Length: 2111
Last-Modified: Thu, 21 Sep 2017 20:13:57 GMT
Etag: "D962E5AB3EE0788E8806EB3E99D08C6B2CBA55DC"
Cache-Control: public, no-transform, must-revalidate, max-age=2922
Expires: Fri, 22 Sep 2017 03:22:02 GMT
Date: Fri, 22 Sep 2017 02:33:20 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2111
Md5:    147ccd89d7652d35a8b1e788003d1cf2
Sha1:   398689805324b4cd20dff2d7ee5e21bb5535e829
Sha256: 7e7bdfadccfd25db4bbef1d93dcdce2ab5df7d598caf880694a516c4fb788080
                                        
                                            GET /916f392e-1af6-43dd-bc12-239421d8b718.js HTTP/1.1 
Host: dtm.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
                                         184.86.48.231
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Last-Modified: Tue, 29 Aug 2017 11:24:09 GMT
Cteonnt-Length: 51499
Content-Encoding: gzip
Content-Length: 7572
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1800, s-maxage=1800
Expires: Fri, 22 Sep 2017 03:03:20 GMT
Date: Fri, 22 Sep 2017 02:33:20 GMT
Connection: keep-alive
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7572
Md5:    abddf72c8d8eb453b79d9a75a3147f62
Sha1:   2d48859e3d0a6f278a57cda10e813dd028ffb4f4
Sha256: f69e79aec0f65574016109d2917eb6a3e4ca27d3252aee98e00036fb46ad582b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:20 GMT
Etag: "59c450ad-1d7"
Expires: Thu, 28 Sep 2017 14:33:20 GMT
Last-Modified: Thu, 21 Sep 2017 23:52:13 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e5ec88d11cc4e2537b9a3a2f27c1add8
Sha1:   8cbc0538cefd6d10936cba33e776b6576559a26c
Sha256: 94a02fecc9b81d99c7f8ca3dcf4a0b9cf29181629965952f173132c0ad011f0f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:20 GMT
Etag: "59c4110a-1d7"
Expires: Thu, 28 Sep 2017 14:33:20 GMT
Last-Modified: Thu, 21 Sep 2017 19:20:42 GMT
Server: ECS (arn/45E2)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    2264fc886dbc89f3ed1b0313d0af11bc
Sha1:   b88402850b02e5070f8c8f1a8771ab77c35c481e
Sha256: ad1b653ffdbf6ebc469707a7b4e7af3d80e38be6d058f9bd4d6e81f26bfc46c6
                                        
                                            GET /sn_sync.html HTTP/1.1 
Host: asvcs.aol.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
                                         205.251.219.242
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 414
Connection: keep-alive
Date: Sun, 19 Feb 2017 13:41:26 GMT
Last-Modified: Wed, 27 Jan 2016 19:46:08 GMT
Etag: "f81fbb71a64896ccf091a1bc841eb6f0"
Accept-Ranges: bytes
Server: AmazonS3
Age: 84018
X-Cache: Hit from cloudfront
Via: 1.1 6296292885688507e00160ec3af83700.cloudfront.net (CloudFront)
X-Amz-Cf-Id: UqXwACdDkjZ-7t5VeKLdCFhuisxKtX-hdEu655ZQ2tSGHbNudoK03g==


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   414
Md5:    f81fbb71a64896ccf091a1bc841eb6f0
Sha1:   92c998328d8424f6ecbf107731a2bc561d6c0b72
Sha256: c62f98ddd79a10bdacef736a081678e4973e0e7b837680aa7005a445dc7c7342
                                        
                                            POST / HTTP/1.1 
Host: ocsp.trustwave.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         195.159.219.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Fri, 22 Sep 2017 02:33:20 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   638
Md5:    fa5721aedd76ca45b0ce75f7974f18c9
Sha1:   3828c829b95860da6a70a5cb8a26394cf81359ec
Sha256: 22bb926c246c40c303030df6db2e6efc893764b5a0b2ec1be4342bd3106f5026
                                        
                                            POST / HTTP/1.1 
Host: ocsp.trustwave.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         195.159.219.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 1684
Date: Fri, 22 Sep 2017 02:33:20 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1684
Md5:    f9cefef41a2e457a861e08c4ef599371
Sha1:   a87bc1bf4ad1ad724838ac1c3fba8a03fcd0a5f7
Sha256: 162f85e11b39f79858549a1ef1e9ad47acf71dacfbf186719d699a3d746c1f91
                                        
                                            GET /ids/916f392e-1af6-43dd-bc12-239421d8b718?secure=true HTTP/1.1 
Host: dtm.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
                                         184.86.48.231
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Last-Modified: Tue, 29 Aug 2017 11:23:55 GMT
ntCoent-Length: 11728
Content-Encoding: gzip
Content-Length: 4794
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1800, s-maxage=1800
Expires: Fri, 22 Sep 2017 03:03:20 GMT
Date: Fri, 22 Sep 2017 02:33:20 GMT
Connection: keep-alive
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4794
Md5:    5c16982ca03a32fca6b79bcdf5793bcd
Sha1:   134e264480b0079545117da72712cb48fe855146
Sha256: 51e7958c629063e2f07e9320f8f23869a2a074288001addfb5e7fe35e5fa5164
                                        
                                            GET /js/FS.swf HTTP/1.1 
Host: kadoshturismo.com.br
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
                                         191.252.105.234
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 22 Sep 2017 02:33:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://www.kadoshturismo.com.br/js/FS.swf
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Sep 2017 02:33:20 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 13:44:55 GMT
Expires: Thu, 28 Sep 2017 13:44:55 GMT
Etag: 1F22D49D629A15B90444FC1340949CF40F1ED52A
Cache-Control: max-age=558094,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp26
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    03a7c1ace98409d25e8a8e5552a06c49
Sha1:   1f22d49d629a15b90444fc1340949cf40f1ed52a
Sha256: b3d3f87c155f760d1f5f19523ab87ab6f054bf94a1ffd6e3737f8e987a1bf9d7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Sep 2017 02:33:20 GMT
Server: Apache
Last-Modified: Mon, 18 Sep 2017 21:19:01 GMT
Expires: Mon, 25 Sep 2017 21:19:01 GMT
Etag: 6C5ED2BA04F4F74A6D8E32793D1C687908CCF9F0
Cache-Control: max-age=326140,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    8f5f8fb2c814f415e3eafdc9216f19ef
Sha1:   6c5ed2ba04f4f74a6d8e32793d1c687908ccf9f0
Sha256: b3753f248615a41174fb876c462dd3758c8f9a2da74cd313e43870795518a176
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Sep 2017 02:33:20 GMT
Server: Apache
Last-Modified: Mon, 18 Sep 2017 21:19:01 GMT
Expires: Mon, 25 Sep 2017 21:19:01 GMT
Etag: 1EA8BD9EC98BACAF761B1F1EBC7650A905009A37
Cache-Control: max-age=326140,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6071668a133ec5b2a7bcdda1bc58930a
Sha1:   1ea8bd9ec98bacaf761b1f1ebc7650a905009a37
Sha256: 6f4b9eddb34bbf6701ce28adef63cf9c812206bbe0ae4ad3115249eede49aca1
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.209.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Sep 2017 02:33:20 GMT
Expires: Tue, 26 Sep 2017 02:33:20 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d4be7e9e5210d412b66a4902ee2c4288
Sha1:   aa2077965b27a86675cb52b30f232c28fc11e721
Sha256: f2464b52e1f9846719a141d5efc4fac00b497d3c3a1778ec961860e5d07799d6
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=342498, public, no-transform, must-revalidate
Last-Modified: Tue, 19 Sep 2017 01:40:26 GMT
Expires: Tue, 26 Sep 2017 01:40:26 GMT
Date: Fri, 22 Sep 2017 02:33:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    e41ac1a93537d154953155b91b648bec
Sha1:   10cf182a89b4948f28dffa10585a94264adaa264
Sha256: 01003a763caf27d02f07463f0600a19064774ee0fc938071f560a0ee6806ff15
                                        
POST / HTTP/1.1
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 103
Content-Type: application/ocsp-request

                                         
104.123.128.217
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Content-Length: 2111
Last-Modified: Fri, 22 Sep 2017 01:30:22 GMT
Etag: "FFB469154E21724C6FDC0325F5E54CDC7BB97FE9"
Cache-Control: public, no-transform, must-revalidate, max-age=1036
Expires: Fri, 22 Sep 2017 02:50:37 GMT
Date: Fri, 22 Sep 2017 02:33:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2111
Md5:    e35332623026aa882e099cf6517c0d52
Sha1:   d47ac53ef669f551d6c3d16f240f55f196ce75a5
Sha256: 0f2925b2c7baeb708b162a3631606ee702dee55741377444f8c7958e972db280
                                        
GET /cfcm.ashx?providerId=1010&extMatch=1&rcode=1 HTTP/1.1
Host: adt.pxl.ace.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
152.163.50.3
HTTP/1.1 302 Found
                                        
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Expires: Fri, 22 Sep 2017 02:33:21 GMT
Location: /cfcm.ashx?providerId=1010&extMatch=1&rcode=1&ctst=1
Server: Microsoft-IIS/7.5
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 22 Sep 2017 02:33:20 GMT
Content-Length: 0


--- Additional Info ---
                                        
GET /mapuser?providerid=1034;getuser=https://pr-bh.ybp.yahoo.com/sync/adtech/$UID?secure=true HTTP/1.1
Host: ums.adtechus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
152.163.56.2
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Fri, 22 Sep 2017 02:33:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache
Location: https://ums.adtechus.com/mapuser?providerid=1034;cfp=1;rndc=1506047600;getuser=https://pr-bh.ybp.yahoo.com/sync/adtech/$UID?secure=true
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: CfP=1;domain=adtechus.com;path=/


--- Additional Info ---
                                        
GET /track/cmf/generic?ttd_pid=aoladtech HTTP/1.1
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
176.34.121.127
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Cache-Control: private,no-cache, must-revalidate
Date: Fri, 22 Sep 2017 02:33:05 GMT
Location: https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pragma: no-cache
Server: Microsoft-IIS/8.5
Set-Cookie: TDID=b69e03ef-4795-4b44-9e86-26951c3bb419; domain=.adsrvr.org; expires=Sat, 22-Sep-2018 02:33:06 GMT; path=/ TDCPM=CAEYBSgCMgsIsKqqzZ_bwDUQBTgB; domain=.adsrvr.org; expires=Sat, 22-Sep-2018 02:33:06 GMT; path=/
X-AspNet-Version: 4.0.30319
Content-Length: 151
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   151
Md5:    f198fec03fbbb3d8ba311a3b79733613
Sha1:   1f96108103fff019f5a9c2ba88b41804c009e74c
Sha256: 54781b2c92e89a7e193558c52ab2c549e89926fe1a82ed660a7ef523515504a8
                                        
GET /pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
216.58.211.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc=
Date: Fri, 22 Sep 2017 02:33:21 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 298
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Fri, 22-Sep-2017 02:48:21 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  HTML document text
Size:   298
Md5:    6629b5d4d055d00196c98a6536602c75
Sha1:   2091b806ef1abe9057d936912aff0af0a4745c01
Sha256: 3a5c7b7449efff7d7033c0c1dbdb1d278e5fd07b3daf7ff3d98955f7e3491c22
                                        
GET /asvcs.aol.com/include/sn_sync-built.js HTTP/1.1
Host: s.blogsmithmedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://asvcs.aol.com/sn_sync.html

                                         
88.221.73.240
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Wed, 27 Jan 2016 19:47:50 GMT
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Id: vnTgTE2jZzJUEQKV3o4QcTBUd-0fdWJYXfHLfM2IgjgjtrHzIGSqjg==
Content-Length: 8837
Date: Fri, 22 Sep 2017 02:33:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8837
Md5:    4d1036fda2bb8c456e5d2ad92f162e64
Sha1:   3d44a93dc3db8e2c0a8f230348f8b23f5e629dda
Sha256: e87be4548dcc2377babe1afc6a701fc265cbad40cbe344c52a9244df181549a1
                                        
GET /sync?ssp=adaptv HTTP/1.1
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
35.189.237.203
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Fri, 22 Sep 2017 02:33:21 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=adaptv
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=0becdbe2-554a-4e36-985f-ff6072bb69b9; path=/; expires=Sat, 22-Sep-2018 02:33:21 GMT; domain=.bidswitch.net tuuid_last_update=1506047601; path=/; expires=Sat, 22-Sep-2018 02:33:21 GMT; domain=.bidswitch.net c=1506047601; path=/; expires=Sat, 22-Sep-2018 02:33:21 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
GET /pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html
Cookie: test_cookie=CheckForPermission

                                         
216.58.211.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.adap.tv/sync?type=gif&key=invitemedianewyork2&uid=CAESEGjz7cRYPD3FMYr0jkM89eA&google_cver=1
Date: Fri, 22 Sep 2017 02:33:21 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 313
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnptcNT88xLhsHdmtAEpw5WkXQ2NXjTA0lmDwUYpBEYfPAzh4LdxA; expires=Sun, 22-Sep-2019 02:33:21 GMT; path=/; domain=.doubleclick.net; HttpOnly
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  HTML document text
Size:   313
Md5:    d640d5c30bef5975144d843a81b9a18c
Sha1:   0449f5b34cee020ddae5bc0fd4d22d398d71863d
Sha256: 9d0aea670f399ea0a1cca4a01773dae43446a689fdf908eb602215e754dd13d1
                                        
GET /ul_cb/sync?ssp=adaptv HTTP/1.1
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html
Cookie: tuuid=0becdbe2-554a-4e36-985f-ff6072bb69b9; tuuid_last_update=1506047601; c=1506047601

                                         
35.189.237.203
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Fri, 22 Sep 2017 02:33:21 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: //sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dadaptv
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=0becdbe2-554a-4e36-985f-ff6072bb69b9; path=/; expires=Sat, 22-Sep-2018 02:33:21 GMT; domain=.bidswitch.net tuuid_last_update=1506047601; path=/; expires=Sat, 22-Sep-2018 02:33:21 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
GET /cfcm.ashx?providerId=1010&extMatch=1&rcode=1&ctst=1 HTTP/1.1
Host: adt.pxl.ace.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
152.163.50.3
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Expires: Fri, 22 Sep 2017 02:33:20 GMT
Server: Microsoft-IIS/7.5
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 22 Sep 2017 02:33:20 GMT
Content-Length: 49


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   49
Md5:    56398e76be6355ad5999b262208a17c9
Sha1:   a1fdee122b95748d81cee426d717c05b5174fe96
Sha256: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
                                        
GET /mapuser?providerid=1034;cfp=1;rndc=1506047600;getuser=https://pr-bh.ybp.yahoo.com/sync/adtech/$UID?secure=true HTTP/1.1
Host: ums.adtechus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html
Cookie: CfP=1

                                         
152.163.56.2
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Fri, 22 Sep 2017 02:33:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache
Location: https://pr-bh.ybp.yahoo.com/sync/adtech/59C46EC16E651A43E0324050F90BD7B8?secure=true
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: JEB2=59C46EC16E651A43E0324050F90BD7B8;expires=Sun, 22 Sep 2019 2:33:21 GMT;domain=adtechus.com;path=/


--- Additional Info ---
                                        
GET /track/cmb/generic?ttd_pid=aoladtech HTTP/1.1
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html
Cookie: TDID=b69e03ef-4795-4b44-9e86-26951c3bb419; TDCPM=CAEYBSgCMgsIsKqqzZ_bwDUQBTgB

                                         
176.34.121.127
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private,no-cache, must-revalidate
Date: Fri, 22 Sep 2017 02:33:02 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pragma: no-cache
Server: Microsoft-IIS/8.5
Set-Cookie: TDID=b69e03ef-4795-4b44-9e86-26951c3bb419; domain=.adsrvr.org; expires=Sat, 22-Sep-2018 02:33:03 GMT; path=/ TDCPM=CAEYBTgBQgQiAggB; domain=.adsrvr.org; expires=Sat, 22-Sep-2018 02:33:03 GMT; path=/
X-AspNet-Version: 4.0.30319
Content-Length: 70
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   70
Md5:    58a7930cd4577fc33c35828c271eab8f
Sha1:   406e57f86dc101e10f3a57be1e2f7b93c4580474
Sha256: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:21 GMT
Etag: "59c42af1-1d7"
Expires: Thu, 28 Sep 2017 14:33:21 GMT
Last-Modified: Thu, 21 Sep 2017 21:11:13 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c4a995e99f650fdc3734ee5856c0dd50
Sha1:   3fc667338ce857a06cead033ccfd3727ef2945ba
Sha256: a8528b20870d05028470c195155aafea2aeb92855fe4a26ef1dd1ffabc2d008a
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Fri, 22 Sep 2017 02:33:21 GMT
Etag: "59c43db5-1d7"
Expires: Thu, 28 Sep 2017 14:33:21 GMT
Last-Modified: Thu, 21 Sep 2017 22:31:17 GMT
Server: ECS (arn/45E2)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    22dc2d39fe1957906125b0e578ebe5d4
Sha1:   92d70c091dd6bb1e3a853c1fdaea2f6f1c1656f2
Sha256: cb83acf7fb7cb4f0c16beea5117273cdd525bfdc9e441481a986239384af1d11
                                        
GET /sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dadaptv HTTP/1.1
Host: sync.mathtag.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
185.29.133.199
HTTP/1.1 302 Moved Temporarily
Content-Type: image/gif
                                        
Date: Fri, 22 Sep 2017 02:33:21 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
Set-Cookie: uuid=478d59c4-61c6-4d00-bc7d-0210c9703a65; domain=.mathtag.com; path=/; expires=Sat, 20-Oct-2018 02:33:21 GMT
Location: https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dadaptv&mm_bnc&mm_bct
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1.15.15.2 6e278e6 master zrh-pixel-x10
Expires: Fri, 22 Sep 2017 02:33:20 GMT


--- Additional Info ---
                                        
POST / HTTP/1.1
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
104.123.128.217
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Content-Length: 2123
Last-Modified: Fri, 22 Sep 2017 01:30:22 GMT
Etag: "66C4ED31F96A80C06307D9CA14713D0723BC128A"
Cache-Control: public, no-transform, must-revalidate, max-age=1588
Expires: Fri, 22 Sep 2017 02:59:49 GMT
Date: Fri, 22 Sep 2017 02:33:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2123
Md5:    a96bcbcc1d574a22d191a5a59735b136
Sha1:   390a8d69bdc315ec8a729dff5f7fa9998120030e
Sha256: 888ee7fa8523be591325949e1f903973d70fee7ef3da1afcb2d7e946469d566f
                                        
GET /sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dadaptv&mm_bnc&mm_bct HTTP/1.1
Host: sync.mathtag.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html
Cookie: uuid=478d59c4-61c6-4d00-bc7d-0210c9703a65

                                         
185.29.133.199
HTTP/1.1 302 Moved Temporarily
Content-Type: image/gif
                                        
Date: Fri, 22 Sep 2017 02:33:21 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
Location: https://x.bidswitch.net/sync?dsp_id=80&user_id=478d59c4-61c6-4d00-bc7d-0210c9703a65&expires=30&ssp=adaptv
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1.15.15.2 6e278e6 master zrh-pixel-x4
Set-Cookie: uuidc=HkaWmgnjCPb5s73PrZT4gLyythvW+SsGB2UEhAUQ9uAGoMsCt3rvkuATDn29VWEg2aaEiYCLASsFriydgJyhPtuQwDeD07lXA65No1zCejQ=; Expires=Sat, 20-Oct-18 02:33:21 GMT; Domain=.mathtag.com; Path=/
Expires: Fri, 22 Sep 2017 02:33:20 GMT


--- Additional Info ---
                                        
GET /sync?dsp_id=80&user_id=478d59c4-61c6-4d00-bc7d-0210c9703a65&expires=30&ssp=adaptv HTTP/1.1
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html
Cookie: tuuid=0becdbe2-554a-4e36-985f-ff6072bb69b9; tuuid_last_update=1506047601; c=1506047601

                                         
35.189.237.203
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Fri, 22 Sep 2017 02:33:21 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: //sync.adaptv.advertising.com/sync?type=gif&key=iponweb&uid=0becdbe2-554a-4e36-985f-ff6072bb69b9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"


--- Additional Info ---
                                        
GET /sync/adtech/59C46EC16E651A43E0324050F90BD7B8?secure=true HTTP/1.1
Host: pr-bh.ybp.yahoo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
77.238.185.35
HTTP/1.1 302 Found
                                        
Set-Cookie: B=176994pcs8tjh&b=3&s=s7;Path=/;Domain=.yahoo.com;Expires=Sun, 22-Sep-2019 02:33:21 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://ums.adtechus.com/mapuser?providerid=1034;userid=8973257909937256092
Content-Length: 0
Date: Fri, 22 Sep 2017 02:33:21 GMT
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
                                        
GET /mapuser?providerid=1034;userid=8973257909937256092 HTTP/1.1
Host: ums.adtechus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html
Cookie: CfP=1; JEB2=59C46EC16E651A43E0324050F90BD7B8

                                         
152.163.56.2
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 22 Sep 2017 02:33:22 GMT
Content-Length: 43
Connection: keep-alive
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
GET /sync?type=gif&key=invitemedianewyork2&uid=CAESEGjz7cRYPD3FMYr0jkM89eA&google_cver=1 HTTP/1.1
Host: sync.adap.tv
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
52.4.84.54
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Location: //sync.adaptv.advertising.com/sync?type=gif&key=invitemedianewyork2&uid=CAESEGjz7cRYPD3FMYr0jkM89eA&google_cver=1
Server: ribs2.0
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
GET /sync?type=gif&key=iponweb&uid=0becdbe2-554a-4e36-985f-ff6072bb69b9 HTTP/1.1
Host: sync.adaptv.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
52.4.78.167
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: ribs2.0
Set-Cookie: rtbData0="key=iponweb:value=0becdbe2-554a-4e36-985f-ff6072bb69b9:expiresAt=1508639602,ver=2";Path=/;Domain=.adaptv.advertising.com;Expires=Sun, 22-Sep-2019 02:33:22 GMT APID=VB66d5f7a0-9f3e-11e7-a65c-0a42b995c487; Max-Age=31622400; Expires=Sun, 23-Sep-2018 02:33:22 GMT; Domain=.advertising.com; Path=/; Version=1
Content-Length: 42
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
GET /sync?type=gif&key=invitemedianewyork2&uid=CAESEGjz7cRYPD3FMYr0jkM89eA&google_cver=1 HTTP/1.1
Host: sync.adaptv.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cdn.at.atwola.com/_media/uac/tcode3.html

                                         
52.4.78.167
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: ribs2.0
Set-Cookie: rtbData0="key=invitemedianewyork2:value=CAESEGjz7cRYPD3FMYr0jkM89eA:expiresAt=1513823602,ver=2";Path=/;Domain=.adaptv.advertising.com;Expires=Sun, 22-Sep-2019 02:33:22 GMT APID=VB671e6ac6-9f3e-11e7-97de-0a54c6e7ad81; Max-Age=31622400; Expires=Sun, 23-Sep-2018 02:33:22 GMT; Domain=.advertising.com; Path=/; Version=1
Content-Length: 42
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
GET /vanity/?ts=1506047599165&h=kadoshturismo.com.br&v=60&r=&l=0&k=1&m=1176x885&bd=1159x754&tz=-120&ms=18&da_pr=undefined&da_ar=null&t=AOL.com%20-%20Welcome%20to%20AOL&dL_ch=us.snssignin&dL_dpt=ssologin&fv=10.0&dL_abp=0&omniTimeOut=1&dL_hnu=1&pgid=kadoshturismo.com.br9da823ff7dfce1814ba82b09a93d1cac558c180f HTTP/1.1
Host: b.com.br
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html

                                         
0.0.0.0
                                        


--- Additional Info ---
                                        
GET /js/FS.swf HTTP/1.1
Host: www.kadoshturismo.com.br
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kadoshturismo.com.br/wp-content/themes/indexx1.html
Cookie: _vdl=1

                                         
191.252.105.234
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 22 Sep 2017 02:33:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.kadoshturismo.com.br/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing