Overview

URL bc.vc/82Vtjs1
IP172.64.161.8
ASN
Location United States
Report completed2018-08-15 16:29:44 CEST
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 172.64.161.8

Date UQ / IDS / BL URL IP
2018-08-11 22:02:56 +0200
0 - 1 - 0 https://ipornovideos.xxx/nos-cojemos-miranda- (...) 172.64.161.8
2018-08-11 17:53:26 +0200
0 - 1 - 0 https://ipornovideos.xxx/peliculas-porno/ 172.64.161.8

Last 10 reports on ASN:

Date UQ / IDS / BL URL IP
2018-11-16 11:16:52 +0100
0 - 0 - 3 tool.justshopping.xyz/creatives/html/ee077615 (...) 143.204.47.56
2018-11-16 11:15:37 +0100
0 - 3 - 0 _.tesi.tk/ 173.212.244.211
2018-11-16 11:14:55 +0100
0 - 0 - 1 cdn-mxpnl.com 172.64.203.23
2018-11-16 11:13:06 +0100
0 - 0 - 0 www.microsoftpoll.com/wix/ 148.62.50.92
2018-11-16 11:12:48 +0100
0 - 0 - 1 www.wathspap.com/rc/55a4a7f95c?affclick=07202 (...) 172.64.195.17
2018-11-16 11:12:24 +0100
0 - 0 - 0 https://oercommons.s3.amazonaws.com/media/cou (...) 52.216.165.91
2018-11-16 11:10:59 +0100
0 - 0 - 2 golipro.com/za/146/MundialNews_za_wifi/?refer (...) 147.135.254.158
2018-11-16 11:10:27 +0100
0 - 0 - 2 cejustrob.host/dfhojspfkhmspdfhfh/es_es.lacai (...) 91.235.136.198
2018-11-16 11:08:48 +0100
0 - 1 - 0 https://new-appsad-cellular-dev.pw/e29481e9-a (...) 172.64.160.6
2018-11-16 11:08:28 +0100
0 - 1 - 0 https://new-appsad-cellular-dev.pw/46c09975-0 (...) 172.64.161.6

Last 10 reports on domain: bc.vc

Date UQ / IDS / BL URL IP
2018-11-08 21:21:16 +0100
0 - 0 - 0 bc.vc/fly/ajax.php?wds=50f1cfb53414785befcbe0 (...) 172.64.202.12
2018-10-05 07:41:48 +0200
0 - 0 - 1 bc.vc/Na7Tv8L 104.18.42.124
2018-08-02 18:10:46 +0200
0 - 0 - 0 bc.vc/82Vtjs1 104.27.129.229
2018-07-26 08:22:19 +0200
0 - 0 - 1 bc.vc/qlZN0E 172.64.136.7
2018-06-27 18:07:31 +0200
2 - 0 - 0 bc.vc/JfF1m3P 104.27.170.229
2018-06-08 16:57:01 +0200
0 - 0 - 0 bc.vc/ucyfJTW 104.28.30.81
2018-05-31 00:14:24 +0200
0 - 0 - 1 bc.vc/4847/http:/turbobit.net/edmsu3xrx5wo/id (...) 104.28.30.81
2018-05-30 18:57:53 +0200
0 - 0 - 1 bc.vc/F0745I 104.28.31.81
2018-05-29 22:47:15 +0200
0 - 0 - 1 bc.vc/YLS5c7 104.28.30.81
2018-05-29 14:05:32 +0200
0 - 0 - 1 bc.vc/oYEWFr 104.28.31.81


JavaScript

Executed Scripts (21)


Executed Evals (5)

#1 JavaScript::Eval (size: 265, repeated: 1) - SHA256: fdd2120c37da9ce7a58d96be9ef6cb106c1040561b6801c70718faf6fc342e8c

                                        ({
    'bg': [-50, -50, 50, 115],
    '0': [-135, -147, 20, 14],
    '1': [-135, -135, 20, 9],
    '2': [-135, -117, 20, 13],
    '3': [-135, -100, 20, 14],
    '4': [-135, -84, 20, 15],
    '5': [-135, -70, 20, 13],
    '6': [-135, -53, 20, 15],
    '7': [-135, -38, 20, 14],
    '8': [-135, -23, 20, 14],
    '9': [-135, -7, 20, 15],
    ',': [-135, 0, 23, 7]
})
                                    

#2 JavaScript::Eval (size: 264, repeated: 1) - SHA256: 39579f75bcf62085fff19d2e37ddf70e9cf240fdb343e46ee527e3521ab5bb7c

                                        ({
    'bg': [0, -50, 50, 115],
    '0': [-115, 0, 20, 14],
    '1': [-115, -17, 20, 9],
    '2': [-115, -31, 20, 13],
    '3': [-115, -47, 20, 13],
    '4': [-115, -62, 20, 15],
    '5': [-115, -78, 20, 13],
    '6': [-115, -93, 20, 15],
    '7': [-115, -109, 20, 14],
    '8': [-115, -124, 20, 14],
    '9': [-115, -139, 20, 15],
    ',': [-112, -154, 23, 7]
})
                                    

#3 JavaScript::Eval (size: 262, repeated: 1) - SHA256: ff0504e3bd7c9ca7030953a039cc9622891cd31e22cedc2c9d33f8bbb607c74f

                                        ({
    'bg': [0, 0, 115, 50],
    '0': [0, -165, 14, 20],
    '1': [-17, -165, 9, 20],
    '2': [-31, -165, 14, 20],
    '3': [-47, -165, 13, 20],
    '4': [-62, -165, 15, 20],
    '5': [-78, -165, 13, 20],
    '6': [-93, -165, 15, 20],
    '7': [-109, -165, 14, 20],
    '8': [-124, -165, 14, 20],
    '9': [-139, -165, 15, 20],
    ',': [-102, -131, 7, 23]
})
                                    

#4 JavaScript::Eval (size: 5318, repeated: 1) - SHA256: a6a76a343c867c0e8b0ef6339c7fec48580bc2c1e6c0ce80cd805151f90ad6f4

                                        function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
    try {
        document.getElementById('ci_HIL').value = d.HIL
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#5 JavaScript::Eval (size: 20, repeated: 1) - SHA256: e9776e2e5c0dc6ace2f77bc3e2447b8e591fe28648279c789e2e93c8f0e6dd15

                                        wid.style. = '-50px'
                                    

Executed Writes (0)



HTTP Transactions (33)


Request Response
                                        
                                            GET /82Vtjs1 HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; expires=Thu, 15-Aug-19 14:28:55 GMT; path=/; domain=.bc.vc; HttpOnly _kei_=1; expires=Wed, 15-Aug-2018 21:00:00 GMT; Max-Age=23746; path=/
X-Powered-By: PHP/5.6.30-0+deb8u1
X-Frame-Options: allowall
Server: cloudflare
CF-RAY: 44ac59b8643f868b-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2454
Md5:    c8545bfa9782a02040faeb1e433ffb04
Sha1:   503cd5f761bcd44a387a57d1db3173bc33096c86
Sha256: 3f2721a06fc7e38a0e7997de96cdcca07088b5ec57d375341495c80e2f43a3df
                                        
                                            GET /css/style.css HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 11 Jun 2017 22:21:04 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:55 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 44ac59b9646b868b-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3507
Md5:    8d13d760c79cb30c922dad80630de0b1
Sha1:   b60fbdc05b6a65d27ea4b15661c4465bf5bed53b
Sha256: f710dd2a34b844c40038729c023bfdd9d10c591dfb89ca9d763c403267444335
                                        
                                            GET /css/bottom.css HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:39 GMT
Etag: W/"59084eef-be"
X-Frame-Options: allowall
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:55 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 44ac59b9735f867f-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   164
Md5:    d18b8a7db9c4102ece48efa83e2325d4
Sha1:   b14fa13bf0dad94da67b86dca4527626764bd489
Sha256: 98ca1375c7d3c455d1f1a59140ae975c42f5fb55af305821e80a63215cfce659
                                        
                                            GET /js/po_v7.min.js?v=1 HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 May 2018 13:49:45 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:55 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 44ac59b9846e868b-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1824
Md5:    d7afe926642793b9edfedb2fadebc7cc
Sha1:   0404457ddcb67cb3b82ac22adc36d293556f2714
Sha256: 196d7dc12f4cef3e935229f011bfc00373de1ed70561c56c2613b355de336245
                                        
                                            GET /css/kfk.css HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:39 GMT
Etag: W/"59084eef-cd"
X-Frame-Options: allowall
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:55 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 44ac59b981ba8697-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   167
Md5:    934d36587f2ff7e50eb47d5b51ee9217
Sha1:   e5ff1e021825f7f4b36d0006f7a348390b4bac8d
Sha256: 1abc04c11016d45b3c780663a0dd98c94d55292342ccbee810867afea87c1058
                                        
                                            GET /js/jquery.libs.js HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:43 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:55 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 44ac59b993138691-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7762
Md5:    ce6b43a7f57270c599e099be45bf3245
Sha1:   c2bc745de2cf74200520055a5239317c75d4598e
Sha256: f7f89ed1f05306ab4809fca0260e61303efa3451de8b24951795531d47ce78a1
                                        
                                            GET /js/app.v5.js HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 07 Aug 2017 14:31:23 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:55 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 44ac59b996e58685-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   655
Md5:    f8665607f296ec743e9c5a379725d125
Sha1:   beda4bf37aba5bec796ff1a6a7eff356522cb0b1
Sha256: ff841edc0e86149dfb92734a63866405293f89e95252eccd6d52a813b5fd00c5
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 15 Aug 2018 14:28:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:43 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:55 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 44ac59b983b8869d-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   27176
Md5:    b9ce259ec1665a1caa6e1fadd5d7358a
Sha1:   f930485641cff5f09af81a791786700dee43d726
Sha256: 810ddeea370d274695632e621706b196fdf13f5ca47a9413cc7a47060321dce7
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 15 Aug 2018 14:28:56 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    7737ff6365f6be2eaece03cf133794f2
Sha1:   9fe65cde597dcb727f4ddeb71259fb5aece69811
Sha256: 168556d2805b90f08e74a80347b74bf04e80433b6a590b45ac4b5ea70f839262
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1
If-Modified-Since: Fri, 03 Oct 2014 00:48:42 GMT

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Wed, 15 Aug 2018 13:32:27 GMT
Expires: Wed, 15 Aug 2018 15:32:27 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14386
Cache-Control: public, max-age=7200
Age: 3389


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14386
Md5:    b3de885583a477d4e31568948d6bebd7
Sha1:   2ce8d853244dde551c41d5207d6f71c567bde8c6
Sha256: e1bb5aa555a0d875e2a67884ceaa0629e08994a8aabadc2fac5b6915793dbf75
                                        
                                            GET /images/logo.png HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/css/style.css
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 15 Aug 2018 14:28:56 GMT
Content-Length: 5014
Connection: keep-alive
Last-Modified: Tue, 02 May 2017 09:18:39 GMT
Etag: "59084eef-1396"
X-Frame-Options: allowall
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 15 Aug 2018 18:28:56 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 44ac59bb53a5867f-ARN


--- Additional Info ---
Magic:  PNG image, 60 x 60, 8-bit/color RGBA, non-interlaced
Size:   5014
Md5:    e0c1cd9701213beacca580cc6b3d515a
Sha1:   9adb002d674195be592b175c7509cab21d24d666
Sha256: d218dfcf6f36270ee2eb138d72c747e83aecf95421c9f72fcbd1d4b466f91bea
                                        
                                            GET /tab.js HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1

                                         
                                         185.225.208.133
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Wed, 15 Aug 2018 14:28:56 GMT
Last-Modified: Tue, 17 Jul 2018 21:46:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5b4e63b9-6e99"
Expires: Thu, 16 Aug 2018 14:28:56 GMT
Cache-Control: max-age=86400, private
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18848
Md5:    9fe4bda5e4fe9d390148f7fdb2156fd7
Sha1:   a9fa3ba34685a53c02198c5784d3e6fbda3c00ee
Sha256: ba7ccd634b560d814ca847d108e3d689fafcea6ad57629e6585cff34ed9c9ca5
                                        
                                            GET /r/collect?v=1&_v=j68&a=1739417987&t=pageview&_s=1&dl=http%3A%2F%2Fbc.vc%2F82Vtjs1&ul=en-us&de=UTF-8&dt=BCVC%20Shortener&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAEQ~&jid=810013163&gjid=2023649107&cid=1102819172.1534343337&tid=UA-12855174-12&_gid=232105607.1534343337&_r=1&cd2=179222&z=1250877648 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Wed, 15 Aug 2018 14:28:56 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 15 Aug 2018 14:28:56 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 13 Aug 2018 10:35:17 GMT
Etag: 34B2229B1C42FAE07026576B89CBB235DCB6DBA7
X-OCSP-Responder-ID: rmdccaocsp29
Content-Length: 280
Cache-Control: public, no-transform, must-revalidate, max-age=417325
Expires: Mon, 20 Aug 2018 10:24:22 GMT
Date: Wed, 15 Aug 2018 14:28:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   280
Md5:    2ca207762013a0293b732dec68a6c9b3
Sha1:   34b2229b1c42fae07026576b89cbb235dcb6dba7
Sha256: a89b69dcd4398df2732aca49bef3e2bd20af2c03a3db48ae18533f0c04b45ac1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 09 Aug 2018 10:51:21 GMT
Etag: 886A0C302119CE358E3C902A117EA1DCC679201D
X-OCSP-Responder-ID: rmdccaocsp17
Content-Length: 312
Cache-Control: public, no-transform, must-revalidate, max-age=72721
Expires: Thu, 16 Aug 2018 10:40:58 GMT
Date: Wed, 15 Aug 2018 14:28:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   312
Md5:    f34e075936901c21f573b59cc35f3fc5
Sha1:   886a0c302119ce358e3c902a117ea1dcc679201d
Sha256: fbc2a10f26dec51042ee0772a1bd652170f712e54f41a8389cc804cb7cc8ae7d
                                        
                                            GET /pingjs/?k=s7popkb7yn2l&t=BCVC%20Shortener&c=t&y=&a=0&d=0&v=22&r=4265 HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1

                                         
                                         67.202.94.94
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Wed, 15 Aug 2018 14:28:57 GMT
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   53
Md5:    e7d3797a0311fde43be3619837bf6373
Sha1:   f63a4a14ca9423681e4c0ecbe55925e45b1df554
Sha256: a00bea6723a5407dcb35d8a69fe1830d874371c91aedce988ccadbd10b5994b6
                                        
                                            GET /gtag/js?id=UA-12855174-12 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1

                                         
                                         216.58.211.8
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Access-Control-Allow-Origin: http://www.googletagmanager.com
Access-Control-Allow-Headers: Cache-Control
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 15 Aug 2018 14:28:57 GMT
Expires: Wed, 15 Aug 2018 14:28:57 GMT
Cache-Control: private, max-age=900
Server: Google Tag Manager (scaffolding)
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   25690
Md5:    293334476fb51f594de8321ef4be52ce
Sha1:   f7bc65fd6b963dcbcfaaf9661d1ca75e4a8524ff
Sha256: 932f4e4d045de45a468ff6eeaf373a7e8c3a97eb5d0df6d19e6309cb404243d8
                                        
                                            GET /r/collect?v=1&_v=j68&a=1739417987&t=pageview&_s=1&dl=http%3A%2F%2Fbc.vc%2F82Vtjs1&ul=en-us&de=UTF-8&dt=BCVC%20Shortener&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=aEDAAUQ~&jid=299125548&gjid=1460132629&cid=1102819172.1534343337&tid=UA-12855174-12&_gid=232105607.1534343337&_r=1&gtm=u86&z=1694069485 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Wed, 15 Aug 2018 14:28:57 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Wed, 15 Aug 2018 13:22:10 GMT
Expires: Wed, 15 Aug 2018 15:22:10 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14386
Cache-Control: public, max-age=7200
Age: 4007
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14386
Md5:    b3de885583a477d4e31568948d6bebd7
Sha1:   2ce8d853244dde551c41d5207d6f71c567bde8c6
Sha256: e1bb5aa555a0d875e2a67884ceaa0629e08994a8aabadc2fac5b6915793dbf75
                                        
                                            GET /earn.php?z=3&oid=179222&subid=179222&title=BCVC%20Shortener HTTP/1.1 
Host: bcvcrdr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bc.vc/82Vtjs1

                                         
                                         104.28.11.186
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 15 Aug 2018 14:28:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6225c18f2e2eface9d70b0fb1f31d5521534343337; expires=Thu, 15-Aug-19 14:28:57 GMT; path=/; domain=.bcvcrdr.xyz; HttpOnly; Secure PHPSESSID=f8987l8lsf0d6jvm3sdp2ijaf3; path=/
X-Powered-By: PHP/5.6.30-0+deb8u1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: allowall
Access-Control-Allow-Origin: *
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 44ac59c28af6427f-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   116
Md5:    c44ff1327dc7f58afd19e38637c798c6
Sha1:   8318f5f7cfba7a792a015dd41433cd8414521dca
Sha256: 762c817fd0aefc4668ec5f9935fb5eaf8a5d8a4e4c3eafb96e6ed0daa6ac4a78
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bc.vc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=db947f3ba8bc94afb0f7a74fbc627f1651534343335; _kei_=1; _ga=GA1.2.1102819172.1534343337; _gid=GA1.2.232105607.1534343337; _gat=1; _gat_gtag_UA_12855174_12=1

                                         
                                         172.64.160.8
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Wed, 15 Aug 2018 14:28:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Jul 2017 08:55:16 GMT
X-Frame-Options: allowall
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 22 Aug 2018 14:28:59 GMT
Cache-Control: public, max-age=604800
Server: cloudflare
CF-RAY: 44ac59cec767868b-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5425
Md5:    ee9e411232f516ba2571ea044f7c242b
Sha1:   f937da91770cf4e94b1b4ff3f0ede9bc812c0bac
Sha256: 0fb8c80c3ee1f5e65ce733aa2d0196011c104204a621ac69e2f35f9830518be9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "B638AF06BB111D28E7DE2BDAD346FDDD6F3796D7B844E42F9417BBCD45D7347B"
Last-Modified: Tue, 14 Aug 2018 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=24903
Expires: Wed, 15 Aug 2018 21:24:02 GMT
Date: Wed, 15 Aug 2018 14:28:59 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    9b966c9afdc26717196b2b0ba881d35b
Sha1:   a0362642f15e8012bc832f4f72cc8c416ca497c6
Sha256: b638af06bb111d28e7de2bdad346fddd6f3796d7b844e42f9417bbcd45d7347b
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Sat, 11 Aug 2018 23:51:53 GMT
Etag: "a93f38b792163f548a5585c2f75490814f7738a8"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=10348
Expires: Wed, 15 Aug 2018 17:21:27 GMT
Date: Wed, 15 Aug 2018 14:28:59 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    da5e5cb6cbd063d1a701c6503527d5ce
Sha1:   a93f38b792163f548a5585c2f75490814f7738a8
Sha256: 96fc51d905a88711c40708711cca13fa8541fee6de838ba88fed231489bce9ab
                                        
                                            GET /4/13821/ HTTP/1.1 
Host: rotumal.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         188.72.213.221
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 15 Aug 2018 14:28:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
Pragma: no-cache, no-cache
Cache-Control: private, max-age=0, no-cache, no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Thu, 16-Aug-2018 14:28:59 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Thu, 16-Aug-2018 14:28:59 GMT; Max-Age=86400; path=/ oaidts=1534343339; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/ OAID=ca948ff93607666719c3a78536622709; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/ OAID=ca948ff93607666719c3a78536622709; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/ exsdsf=1534343339 pbk3=76f1b0c981ca3ce803574b74ce2a4c476589954462973395361; expires=Wed, 15-Aug-2018 14:38:59 GMT; Max-Age=600 ltm_afu=1; expires=Thu, 16-Aug-2018 14:28:59 GMT; Max-Age=86400; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
X-Used-AdExchange: 1
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4410
Md5:    22e00c7b339e84e6aded2a9a53c37398
Sha1:   bda3e28ef694418801e91e32d67eee1487e79840
Sha256: 0c3926687549f1821a98ab627064d721eafad7377221e0548faea5fc7444c710
                                        
                                            GET /?r=%2Fmb%2Fhan&zoneid=13821&pbk3=76f1b0c981ca3ce803574b74ce2a4c476589954462973395361&empty=0&auction_id=e84600e1-109a-4af2-87cd-1363dcf8cff6&uuid=ea0285f5-0dc3-4625-ada1-aea70cef387c&ad_scheme=1&rotation_type=2&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=1393&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=640&wfc=1&pl=https%3A%2F%2Frotumal.com%2F4%2F13821%2F&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&hil=undefined&id=301b2f8705893f588440347e57aa5e02&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=1&fs=1&timeout=0 HTTP/1.1 
Host: rotumal.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://rotumal.com/4/13821/
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1534343339; OAID=ca948ff93607666719c3a78536622709; ltm_afu=1

                                         
                                         188.72.213.221
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 15 Aug 2018 14:28:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=2IO0SwA5XBeNgTVX2JIqNio8K2syrZdOnC-WV_T4KOs; expires=Wed, 22-Aug-2018 14:28:59 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Thu, 16-Aug-2018 14:28:59 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Thu, 16-Aug-2018 14:28:59 GMT; Max-Age=86400; path=/ ppucntstart=1534343339; expires=Thu, 16-Aug-2018 14:28:59 GMT; Max-Age=86400; path=/ allcnt=1; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/ OAID=ca948ff93607666719c3a78536622709; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/ _OACCAP[1241828]=1; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/ _OACBLOCK[1241828]=1534343339; expires=Fri, 14-Sep-2018 14:28:59 GMT; Max-Age=2592000; path=/ _OXCCLK[1241828]=1; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/ _OXPCLK[102397]=1; expires=Thu, 15-Aug-2019 14:28:59 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://girrrly.com/visit.php?c=4881&k=c0c18d9e5740717736e3665183198b72&cost=0.0008568&bannerid=1941960&campaignid=1241828&browser=firefox&zoneid=13821&connection.type=XDSL&carrier=%3F&browserversion=3&os=windows&isp=BROADNET+AS&useragent=Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.13%29+Gecko%2F20101203+Firefox%2F3.6.13&device=desktop&country=NO&osversion=6.1&language=en&zoneid=13821
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            GET /visit.php?c=4881&k=c0c18d9e5740717736e3665183198b72&cost=0.0008568&bannerid=1941960&campaignid=1241828&browser=firefox&zoneid=13821&connection.type=XDSL&carrier=%3F&browserversion=3&os=windows&isp=BROADNET+AS&useragent=Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.13%29+Gecko%2F20101203+Firefox%2F3.6.13&device=desktop&country=NO&osversion=6.1&language=en&zoneid=13821 HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.31.67.23
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 15 Aug 2018 14:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: fc_t_4881=1534343340_1534343340_1534343340_1534343340_1534343340; expires=Sat, 15-Sep-2018 14:29:00 GMT; Max-Age=2678400; path=/ fc_n_4881=1_1_1_1_1; expires=Sat, 15-Sep-2018 14:29:00 GMT; Max-Age=2678400; path=/ c=3ygz9he7zgkz1; expires=Fri, 14-Sep-2018 14:29:00 GMT; Max-Age=2592000; path=/ k=63cf97d566f0ffe38b6fb3343f2d779d; expires=Fri, 14-Sep-2018 14:29:00 GMT; Max-Age=2592000; path=/
Cache-Control: no-cache
Location: http://girrrly.com/sex/multi/maingame/sexbadoo/sexbadoo_n64w2?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech Information Systems AS&lang=en&ref_domain=&os=Windows 7&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1941960&t2=1241828&t3=firefox&t4=13821&t5=XDSL&t6=?&t7=3&t8=windows&t9=BROADNET AS&t10=Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13&t11=desktop&t12=NO&t13=6.1&t14=en&t15=13821&et1=&et2=&et3=&et4=&et5=
Expires: Wed, 15 Aug 2018 14:28:59 GMT


--- Additional Info ---
                                        
                                            GET /sex/multi/maingame/sexbadoo/sexbadoo_n64w2?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1941960&t2=1241828&t3=firefox&t4=13821&t5=XDSL&t6=?&t7=3&t8=windows&t9=BROADNET%20AS&t10=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US;%20rv:1.9.2.13)%20Gecko/20101203%20Firefox/3.6.13&t11=desktop&t12=NO&t13=6.1&t14=en&t15=13821&et1=&et2=&et3=&et4=&et5= HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: fc_t_4881=1534343340_1534343340_1534343340_1534343340_1534343340; fc_n_4881=1_1_1_1_1; c=3ygz9he7zgkz1; k=63cf97d566f0ffe38b6fb3343f2d779d

                                         
                                         78.31.67.23
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 15 Aug 2018 14:29:00 GMT
Content-Length: 178
Location: http://girrrly.com/sex/multi/maingame/sexbadoo/sexbadoo_n64w2/?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1941960&t2=1241828&t3=firefox&t4=13821&t5=XDSL&t6=?&t7=3&t8=windows&t9=BROADNET%20AS&t10=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US;%20rv:1.9.2.13)%20Gecko/20101203%20Firefox/3.6.13&t11=desktop&t12=NO&t13=6.1&t14=en&t15=13821&et1=&et2=&et3=&et4=&et5=
Connection: keep-alive
Expires: Wed, 15 Aug 2018 14:28:59 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /ctrack.php?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&sr=1176_885&t=0.0748687657549365 HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/sexbadoo/sexbadoo_n64w2/?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1941960&t2=1241828&t3=firefox&t4=13821&t5=XDSL&t6=?&t7=3&t8=windows&t9=BROADNET%20AS&t10=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US;%20rv:1.9.2.13)%20Gecko/20101203%20Firefox/3.6.13&t11=desktop&t12=NO&t13=6.1&t14=en&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4881=1534343340_1534343340_1534343340_1534343340_1534343340; fc_n_4881=1_1_1_1_1; c=3ygz9he7zgkz1; k=63cf97d566f0ffe38b6fb3343f2d779d; lfc_t_580_4881=1534343340_1534343340_1534343340_1534343340_1534343340; lfc_n_580_4881=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 15 Aug 2018 14:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Expires: Wed, 15 Aug 2018 14:28:59 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ffce86e7c036f733c99e4aac1951d1f0
Sha1:   9d27322a607424247d05b3aa22ed8a9bbf3977ca
Sha256: adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc
                                        
                                            GET /sex/multi/maingame/sexbadoo/sexbadoo_n64w2/?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1941960&t2=1241828&t3=firefox&t4=13821&t5=XDSL&t6=?&t7=3&t8=windows&t9=BROADNET%20AS&t10=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US;%20rv:1.9.2.13)%20Gecko/20101203%20Firefox/3.6.13&t11=desktop&t12=NO&t13=6.1&t14=en&t15=13821&et1=&et2=&et3=&et4=&et5= HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: fc_t_4881=1534343340_1534343340_1534343340_1534343340_1534343340; fc_n_4881=1_1_1_1_1; c=3ygz9he7zgkz1; k=63cf97d566f0ffe38b6fb3343f2d779d

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 15 Aug 2018 14:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: lfc_t_580_4881=1534343340_1534343340_1534343340_1534343340_1534343340; expires=Sat, 15-Sep-2018 14:29:00 GMT; Max-Age=2678400; path=/ lfc_n_580_4881=1_1_1_1_1; expires=Sat, 15-Sep-2018 14:29:00 GMT; Max-Age=2678400; path=/
Expires: Wed, 15 Aug 2018 14:28:59 GMT
Cache-Control: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   113615
Md5:    645061ea3bd83e31e925b2ca6e082cbb
Sha1:   86fed32fef9d923b62ee03f3a8f4e4d66f595839
Sha256: 84e25b514939b35e1d60a5f948893680ac70c59db0a632ce84d3c8666ad38e56
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 15 Aug 2018 14:29:00 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    e62434f6aafabc4b4c5a2bdb980d0188
Sha1:   b8b06a23f05f45fbf8fa65ef6929c5391a6511e4
Sha256: ce46f23ba12e115a31e4a5bb02800777d35ed9f129e2e621646665489efca247
                                        
                                            GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/sexbadoo/sexbadoo_n64w2/?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1941960&t2=1241828&t3=firefox&t4=13821&t5=XDSL&t6=?&t7=3&t8=windows&t9=BROADNET%20AS&t10=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US;%20rv:1.9.2.13)%20Gecko/20101203%20Firefox/3.6.13&t11=desktop&t12=NO&t13=6.1&t14=en&t15=13821&et1=&et2=&et3=&et4=&et5=

                                         
                                         172.217.20.42
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 30211
Date: Mon, 13 Aug 2018 09:46:02 GMT
Expires: Tue, 13 Aug 2019 09:46:02 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 189778
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   30211
Md5:    fbe55d62ddbb07d455db91c42719fa95
Sha1:   45b95c6f258886c2c52463472f93a00eeda53ea9
Sha256: f578c28becf81938d728f30836a507879e448d27461a2db119d7fb6d456f2fd1
                                        
                                            GET /lib/ajax/lp_timing.php?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&d=758_0&t=0.4659530586140258 HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/sexbadoo/sexbadoo_n64w2/?c=3ygz9he7zgkz1&k=63cf97d566f0ffe38b6fb3343f2d779d&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1941960&t2=1241828&t3=firefox&t4=13821&t5=XDSL&t6=?&t7=3&t8=windows&t9=BROADNET%20AS&t10=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US;%20rv:1.9.2.13)%20Gecko/20101203%20Firefox/3.6.13&t11=desktop&t12=NO&t13=6.1&t14=en&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4881=1534343340_1534343340_1534343340_1534343340_1534343340; fc_n_4881=1_1_1_1_1; c=3ygz9he7zgkz1; k=63cf97d566f0ffe38b6fb3343f2d779d; lfc_t_580_4881=1534343340_1534343340_1534343340_1534343340_1534343340; lfc_n_580_4881=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 15 Aug 2018 14:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 15 Aug 2018 14:28:59 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ffce86e7c036f733c99e4aac1951d1f0
Sha1:   9d27322a607424247d05b3aa22ed8a9bbf3977ca
Sha256: adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc