Overview

URL bc.vc/oYEWFr
IP 104.28.31.81
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2018-05-29 14:05:32 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified  Severity  Host  Comment
2018-05-29  2  bc.vc/oYEWFr  Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.28.31.81

Date  UQ / IDS / BL  URL  IP
2018-11-03 06:49:06 +0100  0 - 0 - 0  https://desenepenet.xyz/Actiune/traffik-2018  104.28.31.81
2018-08-04 16:28:24 +0200  0 - 0 - 0  https://desenepenet.xyz/groaza/the-tag-along- (...)  104.28.31.81
2018-05-30 18:57:53 +0200  0 - 0 - 1  bc.vc/F0745I  104.28.31.81
2018-05-22 19:08:35 +0200  0 - 0 - 0  bc.vc  104.28.31.81
2018-04-06 22:39:11 +0200  0 - 0 - 0  bc.vc/Na7Tv8L  104.28.31.81
2018-03-20 22:46:24 +0100  0 - 0 - 1  bc.vc/9B4XFbR  104.28.31.81
2018-03-14 17:47:14 +0100  0 - 0 - 0  bc.vc/rLMebiP  104.28.31.81
2018-03-02 02:30:48 +0100  0 - 0 - 0  bc.vc/5haWN10  104.28.31.81
2018-01-11 02:03:40 +0100  0 - 0 - 1  bc.vc/fqekAU  104.28.31.81
2018-01-11 01:39:32 +0100  0 - 0 - 1  bc.vc/L42fhx  104.28.31.81

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date  UQ / IDS / BL  URL  IP
2018-11-16 11:14:45 +0100  0 - 1 - 14  soapcrone.top/  104.27.144.35
2018-11-16 11:09:02 +0100  0 - 1 - 0  https://n-a-s-p-d.pw/e29481e9-a792-46a8-bbf0- (...)  104.31.64.120
2018-11-16 11:07:58 +0100  0 - 0 - 0  https://www.theknot.com/us/italy-vs-australia (...)  104.16.208.249
2018-11-16 11:02:39 +0100  0 - 0 - 1  www.kernsafe.com/product/totalmounter.aspx  104.24.29.20
2018-11-16 10:42:29 +0100  0 - 0 - 0  burt.ns.cloudflare.com/  173.245.59.79
2018-11-16 10:39:37 +0100  0 - 0 - 0  ocsp.globalsign.com  104.18.21.226
2018-11-16 10:38:57 +0100  0 - 0 - 0  https://www.theknot.com/us/france-vs-argentin (...)  104.16.208.249
2018-11-16 10:30:27 +0100  0 - 0 - 0  nina.ns.cloudflare.com/  173.245.58.136
2018-11-16 10:29:25 +0100  0 - 2 - 0  https://etodoro.ga/mypush1/index-redir3-adult (...)  104.18.41.212
2018-11-16 10:27:26 +0100  0 - 0 - 1  https://tinyurl.com/ybwnw4to  104.20.218.42

Last 10 reports on domain: bc.vc

Date  UQ / IDS / BL  URL  IP
2018-11-08 21:21:16 +0100  0 - 0 - 0  bc.vc/fly/ajax.php?wds=50f1cfb53414785befcbe0 (...)  172.64.202.12
2018-10-05 07:41:48 +0200  0 - 0 - 1  bc.vc/Na7Tv8L  104.18.42.124
2018-08-15 16:29:44 +0200  0 - 0 - 0  bc.vc/82Vtjs1  172.64.161.8
2018-08-02 18:10:46 +0200  0 - 0 - 0  bc.vc/82Vtjs1  104.27.129.229
2018-07-26 08:22:19 +0200  0 - 0 - 1  bc.vc/qlZN0E  172.64.136.7
2018-06-27 18:07:31 +0200  2 - 0 - 0  bc.vc/JfF1m3P  104.27.170.229
2018-06-08 16:57:01 +0200  0 - 0 - 0  bc.vc/ucyfJTW  104.28.30.81
2018-05-31 00:14:24 +0200  0 - 0 - 1  bc.vc/4847/http:/turbobit.net/edmsu3xrx5wo/id (...)  104.28.30.81
2018-05-30 18:57:53 +0200  0 - 0 - 1  bc.vc/F0745I  104.28.31.81
2018-05-29 22:47:15 +0200  0 - 0 - 1  bc.vc/YLS5c7  104.28.30.81


JavaScript

Executed Scripts (15)


Executed Evals (5)

#1 JavaScript::Eval (size: 265, repeated: 1) - SHA256: fdd2120c37da9ce7a58d96be9ef6cb106c1040561b6801c70718faf6fc342e8c

({
    'bg': [-50, -50, 50, 115],
    '0': [-135, -147, 20, 14],
    '1': [-135, -135, 20, 9],
    '2': [-135, -117, 20, 13],
    '3': [-135, -100, 20, 14],
    '4': [-135, -84, 20, 15],
    '5': [-135, -70, 20, 13],
    '6': [-135, -53, 20, 15],
    '7': [-135, -38, 20, 14],
    '8': [-135, -23, 20, 14],
    '9': [-135, -7, 20, 15],
    ',': [-135, 0, 23, 7]
})
                                    

#2 JavaScript::Eval (size: 264, repeated: 1) - SHA256: 39579f75bcf62085fff19d2e37ddf70e9cf240fdb343e46ee527e3521ab5bb7c

({
    'bg': [0, -50, 50, 115],
    '0': [-115, 0, 20, 14],
    '1': [-115, -17, 20, 9],
    '2': [-115, -31, 20, 13],
    '3': [-115, -47, 20, 13],
    '4': [-115, -62, 20, 15],
    '5': [-115, -78, 20, 13],
    '6': [-115, -93, 20, 15],
    '7': [-115, -109, 20, 14],
    '8': [-115, -124, 20, 14],
    '9': [-115, -139, 20, 15],
    ',': [-112, -154, 23, 7]
})
                                    

#3 JavaScript::Eval (size: 262, repeated: 1) - SHA256: ff0504e3bd7c9ca7030953a039cc9622891cd31e22cedc2c9d33f8bbb607c74f

({
    'bg': [0, 0, 115, 50],
    '0': [0, -165, 14, 20],
    '1': [-17, -165, 9, 20],
    '2': [-31, -165, 14, 20],
    '3': [-47, -165, 13, 20],
    '4': [-62, -165, 15, 20],
    '5': [-78, -165, 13, 20],
    '6': [-93, -165, 15, 20],
    '7': [-109, -165, 14, 20],
    '8': [-124, -165, 14, 20],
    '9': [-139, -165, 15, 20],
    ',': [-102, -131, 7, 23]
})
                                    

#4 JavaScript::Eval (size: 5258, repeated: 1) - SHA256: 847f6a895681edae9f59251c842a9184de97150e61648bfc22fff5bf6b869622

function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#5 JavaScript::Eval (size: 20, repeated: 1) - SHA256: e9776e2e5c0dc6ace2f77bc3e2447b8e591fe28648279c789e2e93c8f0e6dd15

wid.style. = '-50px'
                                    

Executed Writes (0)



HTTP Transactions (28)


Request Response
                                        
GET /oYEWFr HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; expires=Wed, 29-May-19 12:05:00 GMT; path=/; domain=.bc.vc; HttpOnly _kei_=1; expires=Tue, 29-May-2018 21:00:00 GMT; Max-Age=32331; path=/
X-Powered-By: PHP/5.6.30-0+deb8u1
X-Frame-Options: allowall
Server: cloudflare
CF-RAY: 4228d3a8a3f14285-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2470
Md5:    1809808c35ac8fd97342e92ce6c13ce3
Sha1:   e51e87a5fc0eb2de85f3fc572d576aed81033efc
Sha256: 33fe161ef809c35d741c83a7240ce196ce37c7c3f1b8dd8b879171fdfc08d0d1

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /css/style.css HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 11 Jun 2017 22:21:04 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 4228d3ab046a4285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3507
Md5:    8d13d760c79cb30c922dad80630de0b1
Sha1:   b60fbdc05b6a65d27ea4b15661c4465bf5bed53b
Sha256: f710dd2a34b844c40038729c023bfdd9d10c591dfb89ca9d763c403267444335
                                        
GET /css/kfk.css HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:39 GMT
Etag: W/"59084eef-cd"
X-Frame-Options: allowall
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 4228d3ab010142a3-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   167
Md5:    934d36587f2ff7e50eb47d5b51ee9217
Sha1:   e5ff1e021825f7f4b36d0006f7a348390b4bac8d
Sha256: 1abc04c11016d45b3c780663a0dd98c94d55292342ccbee810867afea87c1058
                                        
GET /js/jquery.libs.js HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:43 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 4228d3ab34714285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7762
Md5:    ce6b43a7f57270c599e099be45bf3245
Sha1:   c2bc745de2cf74200520055a5239317c75d4598e
Sha256: f7f89ed1f05306ab4809fca0260e61303efa3451de8b24951795531d47ce78a1
                                        
GET /js/app.v5.js HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 07 Aug 2017 14:31:23 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 4228d3ab310a42a3-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   655
Md5:    f8665607f296ec743e9c5a379725d125
Sha1:   beda4bf37aba5bec796ff1a6a7eff356522cb0b1
Sha256: ff841edc0e86149dfb92734a63866405293f89e95252eccd6d52a813b5fd00c5
                                        
GET /css/bottom.css HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:39 GMT
Etag: W/"59084eef-be"
X-Frame-Options: allowall
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 4228d3ab237442b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   164
Md5:    d18b8a7db9c4102ece48efa83e2325d4
Sha1:   b14fa13bf0dad94da67b86dca4527626764bd489
Sha256: 98ca1375c7d3c455d1f1a59140ae975c42f5fb55af305821e80a63215cfce659
                                        
GET /js/jquery.min.js HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:43 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 4228d3ab337c42c1-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   27176
Md5:    b9ce259ec1665a1caa6e1fadd5d7358a
Sha1:   f930485641cff5f09af81a791786700dee43d726
Sha256: 810ddeea370d274695632e621706b196fdf13f5ca47a9413cc7a47060321dce7
                                        
GET /js/po_v7.min.js?v=1 HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 29 May 2018 12:05:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 May 2018 13:49:45 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 4228d3ab477242a9-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1824
Md5:    d7afe926642793b9edfedb2fadebc7cc
Sha1:   0404457ddcb67cb3b82ac22adc36d293556f2714
Sha256: 196d7dc12f4cef3e935229f011bfc00373de1ed70561c56c2613b355de336245
                                        
GET /images/logo.png HTTP/1.1
Host: bc.vc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/css/style.css
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1

                                         
104.28.31.81
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 29 May 2018 12:05:01 GMT
Content-Length: 5014
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:39 GMT
Etag: "59084eef-1396"
X-Frame-Options: allowall
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 29 May 2018 16:05:01 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 4228d3ac94b44285-OSL


--- Additional Info ---
Magic:  PNG image, 60 x 60, 8-bit/color RGBA, non-interlaced
Size:   5014
Md5:    e0c1cd9701213beacca580cc6b3d515a
Sha1:   9adb002d674195be592b175c7509cab21d24d666
Sha256: d218dfcf6f36270ee2eb138d72c747e83aecf95421c9f72fcbd1d4b466f91bea
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 29 May 2018 11:00:24 GMT
Expires: Tue, 29 May 2018 13:00:24 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14386
Age: 3877
Cache-Control: public, max-age=7200


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14386
Md5:    b3de885583a477d4e31568948d6bebd7
Sha1:   2ce8d853244dde551c41d5207d6f71c567bde8c6
Sha256: e1bb5aa555a0d875e2a67884ceaa0629e08994a8aabadc2fac5b6915793dbf75
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 May 2018 12:05:01 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    055db7f9b6f0f84636198b9b0e81211a
Sha1:   7d9ba2c1e4be44e0d7fed05d609b1ecc9fcd859e
Sha256: 4b2b26eae297fed846f198cadf5486fd675a2ab061dc629d417566c9994e83b2
                                        
GET /tab.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr

                                         
185.225.208.133
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 29 May 2018 12:05:01 GMT
Last-Modified: Sun, 27 May 2018 23:27:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5b0b3ef4-6eea"
Expires: Wed, 30 May 2018 12:05:01 GMT
Cache-Control: max-age=86400, private
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18876
Md5:    a7f70d987282781428eb52616d4b422c
Sha1:   b43215746aca03ac7b78d1913c8877e5c3eb0809
Sha256: 41dc86e65466ed91e6fb165a8fe4a8179dde847f02e0824cc305b4eb5f098ce2
                                        
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 May 2018 12:05:02 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
GET /pingjs/?k=s7popkb7yn2l&t=Zippyshare.com%20-%20Sleeping%20With%20Sirens%20-%20Feel%20-%202013.rar&c=t&y=&a=0&d=0&v=22&r=9539 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr

                                         
67.202.94.86
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 29 May 2018 12:05:02 GMT
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   53
Md5:    c592d00dadc9d803efaf84a6652d5b31
Sha1:   65a3bfd05bef82ab21164518c7ecda6e8005da53
Sha256: 56ce180ef75d51eed64ad226d9c051fa022babef7262f1211e48f2c20fdab6ad
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 28 May 2018 14:05:53 GMT
Etag: B5E11B99D7F73F92FB01B303F04C53072E09FF25
X-OCSP-Responder-ID: rmdccaocsp9
Content-Length: 280
Cache-Control: public, no-transform, must-revalidate, max-age=1800
Expires: Tue, 29 May 2018 12:35:02 GMT
Date: Tue, 29 May 2018 12:05:02 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   280
Md5:    2e420c0011b383f06bb8378c85a17b1f
Sha1:   b5e11b99d7f73f92fb01b303f04c53072e09ff25
Sha256: 7d1f635ce9c885eb7e68359ac1d026dd896b5e800b0d3827585b33a257e40650
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Fri, 25 May 2018 21:10:02 GMT
Etag: A030DE25D5A97F3659D4F1FFCF561205C717BCB2
X-OCSP-Responder-ID: rmdccaocsp12
Content-Length: 313
Cache-Control: public, no-transform, must-revalidate, max-age=1091
Expires: Tue, 29 May 2018 12:23:13 GMT
Date: Tue, 29 May 2018 12:05:02 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   313
Md5:    1fe9f2237da5c8555ceddd33d3002bed
Sha1:   a030de25d5a97f3659d4f1ffcf561205c717bcb2
Sha256: 032c50c246b23c366afab4c4141b068a420eb51b4b0f4d400d3504bebc9d6077
                                        
                                            GET /gtag/js?id=UA-12855174-12 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr

                                         
                                         216.58.211.8
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Access-Control-Allow-Origin: http://www.googletagmanager.com
Access-Control-Allow-Headers: Cache-Control
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Tue, 29 May 2018 12:05:02 GMT
Expires: Tue, 29 May 2018 12:05:02 GMT
Cache-Control: private, max-age=900
Server: Google Tag Manager (scaffolding)
X-XSS-Protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   22858
Md5:    bb42b409f15978f07a7065092bc08948
Sha1:   3d730c88624c2b71742038c8ba71a08660465f55
Sha256: 62d8d3a27cc3b414b6fb21187ba53ddf527f9340aae22853cf35cd26d369f3c4
                                        
                                            POST /j/collect?v=1&_v=j68&a=1264366474&t=pageview&_s=1&dl=http%3A%2F%2Fbc.vc%2FoYEWFr&ul=en-us&de=UTF-8&dt=Zippyshare.com%20-%20Sleeping%20With%20Sirens%20-%20Feel%20-%202013.rar&sd=24-bit&sr=1176x885&vp=1176x775&je=1&fl=10.0%20r45&_u=IEBAAMQAAAAAAC~&jid=410204040&gjid=2125045806&cid=1103100749.1527595502&tid=UA-12855174-12&_gid=60493075.1527595502&_r=1&cd2=3534&z=1008463669 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Referer: http://bc.vc/oYEWFr
Content-Length: 0
Origin: http://bc.vc
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Access-Control-Allow-Origin: http://bc.vc
Date: Tue, 29 May 2018 12:05:02 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 1
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /r/collect?v=1&_v=j68&a=1264366474&t=pageview&_s=1&dl=http%3A%2F%2Fbc.vc%2FoYEWFr&ul=en-us&de=UTF-8&dt=Zippyshare.com%20-%20Sleeping%20With%20Sirens%20-%20Feel%20-%202013.rar&sd=24-bit&sr=1176x885&vp=1176x775&je=1&fl=10.0%20r45&_u=aEDAAcQAAAAAAC~&jid=718134152&gjid=863019585&cid=1103100749.1527595502&tid=UA-12855174-12&_gid=60493075.1527595502&_r=1&gtm=u4s&z=907135918 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 29 May 2018 12:05:02 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 29 May 2018 11:01:33 GMT
Expires: Tue, 29 May 2018 13:01:33 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14386
Cache-Control: public, max-age=7200
Age: 3809
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14386
Md5:    b3de885583a477d4e31568948d6bebd7
Sha1:   2ce8d853244dde551c41d5207d6f71c567bde8c6
Sha256: e1bb5aa555a0d875e2a67884ceaa0629e08994a8aabadc2fac5b6915793dbf75
                                        
                                            GET /earn.php?z=3&oid=3534&subid=3534&title=Zippyshare.com%20-%20Sleeping%20With%20Sirens%20-%20Feel%20-%202013.rar HTTP/1.1 
Host: bcvcrdr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/oYEWFr

                                         
                                         104.28.11.186
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 29 May 2018 12:05:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1507e43ce94a05215403e32a94fde4dd1527595502; expires=Wed, 29-May-19 12:05:02 GMT; path=/; domain=.bcvcrdr.xyz; HttpOnly; Secure PHPSESSID=kejncvrhglvmjnbkn0aggfibg3; path=/
X-Powered-By: PHP/5.6.30-0+deb8u1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: allowall
Access-Control-Allow-Origin: *
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4228d3b4aa5042af-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   116
Md5:    c44ff1327dc7f58afd19e38637c798c6
Sha1:   8318f5f7cfba7a792a015dd41433cd8414521dca
Sha256: 762c817fd0aefc4668ec5f9935fb5eaf8a5d8a4e4c3eafb96e6ed0daa6ac4a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "94EBAA9083C68DF483C6CE761066304DE945BBAF1C3DD7DED7E991ACC8450372"
Last-Modified: Sun, 27 May 2018 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=39065
Expires: Tue, 29 May 2018 22:56:08 GMT
Date: Tue, 29 May 2018 12:05:03 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    441fa36a24a558610b033f6c14afc2e2
Sha1:   2d445b13f8a924ed87c372957462e4c1b9a426ab
Sha256: 94ebaa9083c68df483c6ce761066304de945bbaf1c3dd7ded7e991acc8450372
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.122
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Sun, 27 May 2018 08:07:03 GMT
Etag: "e7dfc1026df9aab76f36c3834cc1ad092724b99e"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=31222
Expires: Tue, 29 May 2018 20:45:25 GMT
Date: Tue, 29 May 2018 12:05:03 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    89d343c0699bee671584a66c8c9b90ae
Sha1:   e7dfc1026df9aab76f36c3834cc1ad092724b99e
Sha256: 826fafded951f93f8afde8c3ca7a9d7f7a7545fe0914a2f5f582f9531d7860d9
                                        
                                            GET /4/13821/ HTTP/1.1 
Host: rotumal.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         188.72.213.220
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 May 2018 12:05:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Wed, 30-May-2018 12:05:03 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; expires=Wed, 30-May-2018 12:05:03 GMT; Max-Age=86400; path=/ oaidts=1527595503; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/ OAID=86d11e73076fb0d05b6712a99ef57c63; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/ OAID=86d11e73076fb0d05b6712a99ef57c63; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/ exsdsf=1527595503 pbk3=bc9ba2c4034b1d7e7aac7d766233ef306560972728150784708; expires=Tue, 29-May-2018 12:15:03 GMT; Max-Age=600 ltm_afu=1; expires=Wed, 30-May-2018 12:05:03 GMT; Max-Age=86400; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
X-Used-AdExchange: 1
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4166
Md5:    5287b12d18560e2f30a26cf3ec552124
Sha1:   98ae84f1bdbc5c382d7f8f946b08d848a0251d05
Sha256: fce1026aadebc00302739a66a8574cc4916812218e888047fcfe3836232e3d73
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d0620fb99c6b5894183c1f0e8de85c6461527595500; _kei_=1; _ga=GA1.2.1103100749.1527595502; _gid=GA1.2.60493075.1527595502; _gat=1; _gat_gtag_UA_12855174_12=1

                                         
                                         104.28.31.81
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 29 May 2018 12:05:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Jul 2017 08:55:16 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Tue, 05 Jun 2018 12:05:03 GMT
Cache-Control: public, max-age=604800
Server: cloudflare
CF-RAY: 4228d3b5e32942a3-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5425
Md5:    ee9e411232f516ba2571ea044f7c242b
Sha1:   f937da91770cf4e94b1b4ff3f0ede9bc812c0bac
Sha256: 0fb8c80c3ee1f5e65ce733aa2d0196011c104204a621ac69e2f35f9830518be9
                                        
                                            GET /?r=%2Fmb%2Fhan&zoneid=13821&pbk3=bc9ba2c4034b1d7e7aac7d766233ef306560972728150784708&empty=0&auction_id=ccb40f54-b688-48a1-985c-12f59b65ebb7&uuid=0747ff1b-c9fb-4ed5-8999-e2463a9a17e2&ad_scheme=1&rotation_type=2&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=1393&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=661&wfc=1&pl=https%3A%2F%2Frotumal.com%2F4%2F13821%2F&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&id=e94b442f3a6ac96217bf9c723dcc6ad6&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=1&fs=1&timeout=0 HTTP/1.1 
Host: rotumal.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://rotumal.com/4/13821/
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; oaidts=1527595503; OAID=86d11e73076fb0d05b6712a99ef57c63; ltm_afu=1

                                         
                                         188.72.213.220
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 May 2018 12:05:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=7VEL93nTMPfnV-q4eMSqkbr2y3aGCF_7naLzA9zw6ls; expires=Tue, 05-Jun-2018 12:05:03 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; expires=Wed, 30-May-2018 12:05:03 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Wed, 30-May-2018 12:05:03 GMT; Max-Age=86400; path=/ ppucntstart=1527595503; expires=Wed, 30-May-2018 12:05:03 GMT; Max-Age=86400; path=/ allcnt=1; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/ OAID=86d11e73076fb0d05b6712a99ef57c63; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/ _OACCAP[1192937]=1; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/ _OACBLOCK[1192937]=1527595503; expires=Thu, 28-Jun-2018 12:05:03 GMT; Max-Age=2592000; path=/ _OXCCLK[1192937]=1; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/ _OXPCLK[123533]=1; expires=Wed, 29-May-2019 12:05:03 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://adserving.unibet.com/redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=13821
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            GET /redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=13821 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         85.184.96.10
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Tue, 29 May 2018 12:05:03 GMT
Content-Length: 178
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=13821
Server: kindred-loadbalancer
X-host-DD: inf5284
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=13821 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         0.0.0.0
                                        


--- Additional Info ---