Overview

URL www32.speedyshare.com/fpJQk/0374ad5a/download/avataria.rar
IP98.124.199.64
ASNAS21740 eNom, Incorporated
Location United States
Report completed2018-10-12 05:22:59 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-10-12 2 www32.speedyshare.com/fpJQk/0374ad5a/download/avataria.rar Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 98.124.199.64

Date UQ / IDS / BL URL IP
2019-05-28 18:33:37 +0200
0 - 0 - 1 www.speedyshare.com/94EA7/MassRt-FavsNew.rar 98.124.199.64
2019-05-28 17:36:40 +0200
0 - 0 - 1 www.speedyshare.com/94EA7/MassRt-FavsNew.rar 98.124.199.64
2019-05-15 08:38:55 +0200
0 - 0 - 0 www11.speedyshare.com 98.124.199.64
2019-02-15 14:51:14 +0100
0 - 0 - 1 www.speedyshare.com/files/21248355/AutoSetup_ (...) 98.124.199.64
2019-01-28 23:01:05 +0100
0 - 0 - 1 www.speedyshare.com/files/29612954/Dla_MPC_pr (...) 98.124.199.64
2018-12-09 13:52:27 +0100
0 - 0 - 1 www.speedyshare.com/files/21070654/download/s (...) 98.124.199.64
2018-10-11 15:28:54 +0200
0 - 0 - 1 www30.speedyshare.com/5SJbc/5f98e64a/download (...) 98.124.199.64
2018-10-11 09:43:22 +0200
0 - 0 - 1 www33.speedyshare.com/HneXA/11e09b10/download (...) 98.124.199.64
2018-10-08 23:03:43 +0200
0 - 0 - 2 www.speedyshare.com/files/29391140/E0000A6BC7 (...) 98.124.199.64
2018-10-08 18:45:21 +0200
0 - 0 - 1 www30.speedyshare.com/QszVp/8f2b3605/download (...) 98.124.199.64

Last 10 reports on ASN: AS21740 eNom, Incorporated

Date UQ / IDS / BL URL IP
2019-06-10 15:52:06 +0200
0 - 0 - 1 jerkybuy.com/transacciones/83.58.109.913516/c (...) 98.124.199.46
2019-06-09 14:21:22 +0200
0 - 0 - 1 englishgarden.net/index.php 98.124.199.107
2019-06-09 13:37:25 +0200
0 - 0 - 1 pipersoperahouse.net/cast/bookmark 98.124.199.102
2019-06-09 11:26:35 +0200
0 - 0 - 3 weldmaster.com/zyq/bigtyme/nD 98.124.199.24
2019-06-09 11:23:21 +0200
0 - 0 - 3 weldmaster.com/gp 98.124.199.24
2019-06-07 08:05:50 +0200
0 - 0 - 4 kelownatownhomes.com/g76ub76 98.124.199.89
2019-06-05 08:06:09 +0200
0 - 0 - 6 suncoastot.com/webpage/forms/SCHOOLAGE_CHECKL (...) 98.124.252.176
2019-06-04 14:10:51 +0200
0 - 0 - 1 hal9000.ehost-services142.com/n53s3pog/hyimeh7.exe 69.64.156.54
2019-06-03 00:43:35 +0200
0 - 0 - 1 zkaoo.com/download/update/update.exe 98.124.199.125
2019-06-02 19:58:16 +0200
0 - 1 - 0 ncdrive.com/wow.exe 98.124.199.68

No other reports on domain: speedyshare.com



JavaScript

Executed Scripts (25)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 759, repeated: 1) - SHA256: d948679c1815a70142b32c2568b39c06b46b9ffe841f11807de6c97a0949b7af

                                        < img height = "1"
width = "1"
border = "0"
alt = ""
src = "https://www.googleadservices.com/pagead/conversion/1038302480/?random=1539314546575&cv=9&fst=1539314546575&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair"
style = "display:none" / >
                                    


HTTP Transactions (55)


Request Response
                                        
                                            GET /fpJQk/0374ad5a/download/avataria.rar HTTP/1.1 
Host: www32.speedyshare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         98.124.199.64
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Date: Fri, 12 Oct 2018 03:22:24 GMT
Transfer-Encoding: chunked
Connection: close
Location: http://ce6yo.5355156.com/fpJQk/0374ad5a/download/avataria.rar
Server: Redirector/1.0
Cache-Control: private


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    f184a06e48ed31aa356161da9c92e98a
Sha1:   fd6c394ff897b5b3b359b87ec7ca8c9e0e0afb38
Sha256: 302bae824f94ea9ba43701febf26fbb495b78b86e56df846f19053eb1b8f6b4a

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /fpJQk/0374ad5a/download/avataria.rar HTTP/1.1 
Host: ce6yo.5355156.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         191.101.34.10
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 12 Oct 2018 03:22:25 GMT
Transfer-Encoding: chunked
X-ImpID: 0a4ca99c-cdce-11e8-a358-4e4e3e1c4387
Location: http://www.reimageplus.com/includes/router_land.php?tracking=YTZ2&lpx=slm&banner=ALF&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=14497&redid=49184&gsid=483&campaign_id=12&p_id=14497&id=XNSX.-r49184-t483&impid=0a4ca99c-cdce-11e8-a358-4e4e3e1c4387


--- Additional Info ---
                                        
                                            GET /includes/router_land.php?tracking=YTZ2&lpx=slm&banner=ALF&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=14497&redid=49184&gsid=483&campaign_id=12&p_id=14497&id=XNSX.-r49184-t483&impid=0a4ca99c-cdce-11e8-a358-4e4e3e1c4387 HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Date: Fri, 12 Oct 2018 03:20:30 GMT
Location: http://www.reimageplus.com/land/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Connection: Keep-Alive
Set-Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; expires=Tue, 11-Dec-2018 03:20:30 GMT; path=/ _testcookie=test; expires=Fri, 12-Oct-2018 03:26:30 GMT; path=/ one_time_package=true; expires=Tue, 16-Oct-2018 03:20:30 GMT; path=/; domain=reimageplus.com _master_srcid_ytz2_alf=364; expires=Tue, 16-Oct-2018 03:20:30 GMT; path=/; domain=reimageplus.com _srcid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com _srcid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ reward_ab=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com reward_ab=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ rmo=true; expires=Mon, 26-Nov-2018 03:20:30 GMT; path=/; domain=reimageplus.com marketnetwork_subid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com
Content-Length: 22


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    a0501a98ab1b294fd669c2ecd1b8c027
Sha1:   ecd8ceda437c617578af895ce922b9497f20938b
Sha256: cada81a8faf83daa504d843d0795ec58a6f77bd94a28345385cdb54cef383832
                                        
                                            GET /land/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Content-Security-Policy: script-src 'self' 'nonce-b3976c2010b780f587c97301daf9d459' *.reimage.com *.reimageplus.com *.websecurity.norton.com *.googleapis.com *.doubleclick.net *.ywxi.net *.inspectlet.com *.googleadservices.com privacy-policy.truste.com;object-src 'self' *.reimage.com *.reimageplus.com ;frame-src 'self' *.reimage.com *.reimageplus.com *.mcafeesecure.com;img-src 'self' data: *.reimage.com *.reimageplus.com *.websecurity.norton.com *.scanalert.com *.googleadservices.com *.doubleclick.net *.ywxi.net *.google.com *.google.co.il privacy-policy.truste.com; cookie-scope reimageplus.com;
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' 'nonce-b3976c2010b780f587c97301daf9d459' *.reimage.com *.reimageplus.com *.websecurity.norton.com *.googleapis.com *.doubleclick.net *.ywxi.net *.inspectlet.com *.googleadservices.com privacy-policy.truste.com;object-src 'self' *.reimage.com *.reimageplus.com ;frame-src 'self' *.reimage.com *.reimageplus.com *.mcafeesecure.com;img-src 'self' data: *.reimage.com *.reimageplus.com *.websecurity.norton.com *.scanalert.com *.googleadservices.com *.doubleclick.net *.ywxi.net *.google.com *.google.co.il privacy-policy.truste.com; cookie-scope reimageplus.com;
Date: Fri, 12 Oct 2018 03:20:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: PHPSESSID=in58ktpj8o351n2966l1asd106; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _testcookie=test; expires=Fri, 12-Oct-2018 03:26:30 GMT; path=/
X-Webkit-CSP: script-src 'self' 'nonce-b3976c2010b780f587c97301daf9d459' *.reimage.com *.reimageplus.com *.websecurity.norton.com *.googleapis.com *.doubleclick.net *.ywxi.net *.inspectlet.com *.googleadservices.com privacy-policy.truste.com;object-src 'self' *.reimage.com *.reimageplus.com ;frame-src 'self' *.reimage.com *.reimageplus.com *.mcafeesecure.com;img-src 'self' data: *.reimage.com *.reimageplus.com *.websecurity.norton.com *.scanalert.com *.googleadservices.com *.doubleclick.net *.ywxi.net *.google.com *.google.co.il privacy-policy.truste.com; cookie-scope reimageplus.com;
Content-Length: 3963


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3963
Md5:    46e2f070057f1b486aa2603cb4ac2291
Sha1:   31585c4d2857204fc6c80814193b774e1da5e682
Sha256: c53d1fc65e8509915976b9130dd4aa31b03ec9ea3d7178a31c502b329669bd45
                                        
                                            GET /ajax/libs/jquery/1.5.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         172.217.20.42
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29839
Date: Thu, 20 Sep 2018 11:28:47 GMT
Expires: Fri, 20 Sep 2019 11:28:47 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 1871619


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29839
Md5:    9a9b2acb8c0cf46985e07996f688b43d
Sha1:   341c927be8f8344f30afb46d49ce6b5e3da62c7d
Sha256: 0b1e12a7712d7b092fd5e1b2724d6e248670ff82620ec75e24105b6b127e3ca8
                                        
                                            GET /land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Content-Security-Policy: script-src 'self' 'nonce-8a7c379694da41f721ffb8e2b9823879' *.reimage.com *.reimageplus.com *.websecurity.norton.com *.googleapis.com *.doubleclick.net *.ywxi.net *.inspectlet.com *.googleadservices.com privacy-policy.truste.com;object-src 'self' *.reimage.com *.reimageplus.com ;frame-src 'self' *.reimage.com *.reimageplus.com *.mcafeesecure.com;img-src 'self' data: *.reimage.com *.reimageplus.com *.websecurity.norton.com *.scanalert.com *.googleadservices.com *.doubleclick.net *.ywxi.net *.google.com *.google.co.il privacy-policy.truste.com; cookie-scope reimageplus.com;
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' 'nonce-8a7c379694da41f721ffb8e2b9823879' *.reimage.com *.reimageplus.com *.websecurity.norton.com *.googleapis.com *.doubleclick.net *.ywxi.net *.inspectlet.com *.googleadservices.com privacy-policy.truste.com;object-src 'self' *.reimage.com *.reimageplus.com ;frame-src 'self' *.reimage.com *.reimageplus.com *.mcafeesecure.com;img-src 'self' data: *.reimage.com *.reimageplus.com *.websecurity.norton.com *.scanalert.com *.googleadservices.com *.doubleclick.net *.ywxi.net *.google.com *.google.co.il privacy-policy.truste.com; cookie-scope reimageplus.com;
Date: Fri, 12 Oct 2018 03:20:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; expires=Tue, 11-Dec-2018 03:20:30 GMT; path=/ _testcookie=test; expires=Fri, 12-Oct-2018 03:26:30 GMT; path=/
X-Webkit-CSP: script-src 'self' 'nonce-8a7c379694da41f721ffb8e2b9823879' *.reimage.com *.reimageplus.com *.websecurity.norton.com *.googleapis.com *.doubleclick.net *.ywxi.net *.inspectlet.com *.googleadservices.com privacy-policy.truste.com;object-src 'self' *.reimage.com *.reimageplus.com ;frame-src 'self' *.reimage.com *.reimageplus.com *.mcafeesecure.com;img-src 'self' data: *.reimage.com *.reimageplus.com *.websecurity.norton.com *.scanalert.com *.googleadservices.com *.doubleclick.net *.ywxi.net *.google.com *.google.co.il privacy-policy.truste.com; cookie-scope reimageplus.com;
Content-Length: 7902


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7902
Md5:    9cd46108590a4d973698180f062df1b9
Sha1:   4e415d10f4c3a55af0b3ccd0beaaa442f656c234
Sha256: b0f854f5ac15379109efd0c64672ab55bead6cab48406652e928bba676ab00ea
                                        
                                            GET /land/sqi/css/style.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 Oct 2018 03:20:31 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Connection: Keep-Alive
Content-Length: 2365


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2365
Md5:    71eb0211abaa9316304cff6d05713e35
Sha1:   a5d3eb2e686930a97206360bee8dd78e5ed1f63e
Sha256: 24393c321dda7fc83f943387a482bbfd97947eebdf89d002f5749cce2ea9b9b2
                                        
                                            GET /meter/www.reimageplus.com/23.gif HTTP/1.1 
Host: images.scanalert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.192.62
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 3005
Connection: keep-alive
Date: Fri, 12 Oct 2018 02:32:07 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: public
Expires: Fri, 12 Oct 2018 03:32:07 GMT
Content-Encoding: gzip
Age: 3019
X-Cache: Hit from cloudfront
Via: 1.1 82bacd1af934cd2afa8b1ccc8f096b22.cloudfront.net (CloudFront)
X-Amz-Cf-Id: s09iVqdka4J7kzy2t5vxC0pIk9zZsJal4EbYKe1J4uJOQqUrW2DkHw==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   3005
Md5:    102539419ea49058a5fd78365f742469
Sha1:   e4e891e5dc0d2c41eabf5dd8b497c191c287560a
Sha256: 7d59d63d95e75cf20757455fb4c3cc5333a2aacbf0424fc92a7a01ad3b694370
                                        
                                            GET /pagead/conversion.js HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 12 Oct 2018 03:22:26 GMT
Expires: Fri, 12 Oct 2018 03:22:26 GMT
Cache-Control: private, max-age=3600
Etag: 7748410203021009012
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 8644
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   8644
Md5:    40b73269a2f69f2becd7b9bafc3f5024
Sha1:   5353dd9f5b2cbeec6c3ba7d5232904323242c9eb
Sha256: c6b978082b2452c13b6d3171b8c1e30a61002057f1bf262be1f48e3a44359ba0
                                        
                                            GET /website/newwebsite/lp/sys/reimage-repair-software-screen.en.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1390487880"
Cache-Control: max-age=86400
Content-Length: 38615
Last-Modified: Thu, 23 Jan 2014 14:38:00 GMT
X-HW: 1539314546.dop014.sk1.t,1539314546.cds055.sk1.c


--- Additional Info ---
Magic:  PNG image, 270 x 194, 8-bit/color RGB, non-interlaced
Size:   38615
Md5:    bee784d55ec18bbbb78d9cf551c0105f
Sha1:   e1b6cf0968e124fdc1089668a97c619c1a3ae0da
Sha256: ce64b3df68854a7dd3bc367bcd76ead89fec756099f139e8098597abc9172d8e
                                        
                                            GET /website/newwebsite/lp/sqh/Win7.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783273"
Cache-Control: max-age=86400
Content-Length: 3059
Last-Modified: Wed, 01 Jun 2016 12:14:33 GMT
X-HW: 1539314546.dop015.sk1.t,1539314546.cds006.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 60 x 62
Size:   3059
Md5:    72edefcd39d81e6d207b19834e6941ef
Sha1:   03e824da65cf1fbb8849c06df5fee4f753d3d8ce
Sha256: 41e53e6880391a2ffdcecfc04969e62ade0e3383c54aed8c281a3c5c122a5f3c
                                        
                                            GET /website/newwebsite/lp/sqh/box-bg.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783236"
Cache-Control: max-age=86400
Content-Length: 1854
Last-Modified: Wed, 01 Jun 2016 12:13:56 GMT
X-HW: 1539314546.dop014.sk1.t,1539314546.cds047.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 187
Size:   1854
Md5:    8ff2fa6eb2a493a50bd5d1e62ca65aab
Sha1:   a417692e32fd2191007dbe0d720bd47f3944f5f5
Sha256: 29bb9c83e89d0bc33f498d269d352e39d2685903a1edf1f01b2b48f6830b10c8
                                        
                                            GET /website/newwebsite/lp/sqh/step-bg.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783269"
Cache-Control: max-age=86400
Content-Length: 18292
Last-Modified: Wed, 01 Jun 2016 12:14:29 GMT
X-HW: 1539314546.dop015.sk1.t,1539314546.cds028.sk1.c


--- Additional Info ---
Magic:  PNG image, 275 x 61, 8-bit/color RGB, non-interlaced
Size:   18292
Md5:    7b6e60e77c3654a847d5081395960cf5
Sha1:   c796375204359b947c6b62ebfbaccaaa7680b8b8
Sha256: 33c28e008ac3729e9b12dbc10be193b77e16a41a6c3693d4082858d3cba92e59
                                        
                                            GET /website/newwebsite/lp/sqh/step1-bg-trans.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783266"
Cache-Control: max-age=86400
Content-Length: 3300
Last-Modified: Wed, 01 Jun 2016 12:14:26 GMT
X-HW: 1539314546.dop014.sk1.t,1539314546.cds028.sk1.c


--- Additional Info ---
Magic:  PNG image, 58 x 90, 8-bit/color RGBA, non-interlaced
Size:   3300
Md5:    1d15fb682fe3dff47991aa9751a875b9
Sha1:   8eb2b2cf19fe82e7188aeee5ce0e9b9da1906103
Sha256: b8755dc875e0a34693d2a5d357d9bff4d5f19d7c2a2d5134dc628a3f61caf000
                                        
                                            GET /website/newwebsite/lp/sqh/step2-bg-trans.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783268"
Cache-Control: max-age=86400
Content-Length: 7025
Last-Modified: Wed, 01 Jun 2016 12:14:28 GMT
X-HW: 1539314546.dop015.sk1.t,1539314546.cds019.sk1.c


--- Additional Info ---
Magic:  PNG image, 138 x 122, 8-bit/color RGBA, non-interlaced
Size:   7025
Md5:    d5ee2f43e2a023082f436ecbd1bdc481
Sha1:   fba3f6e488539af100ab96bac877064732320921
Sha256: 11d91f55b1674e173ddfe06eb57ae85fa33a6cff7af1302f507ac242d07a80d8
                                        
                                            GET /website/newwebsite/lp/sqh/patent.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783261"
Cache-Control: max-age=86400
Content-Length: 9406
Last-Modified: Wed, 01 Jun 2016 12:14:21 GMT
X-HW: 1539314546.dop012.sk1.t,1539314546.cds029.sk1.c


--- Additional Info ---
Magic:  PNG image, 95 x 43, 8-bit/color RGBA, interlaced
Size:   9406
Md5:    a325c56ac5095d3459a31023cbddaad8
Sha1:   77d2ce1eaa9775d901dc79a329d324c5f20f0e75
Sha256: 2e7c88199f79f7ee899df4333e85ea8959c6b156c1ea96dc0f0a1d3fe7d48f0e
                                        
                                            GET /website/newwebsite/lp/sqh/left-line1.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783252"
Cache-Control: max-age=86400
Content-Length: 1408
Last-Modified: Wed, 01 Jun 2016 12:14:12 GMT
X-HW: 1539314546.dop014.sk1.t,1539314546.cds033.sk1.c


--- Additional Info ---
Magic:  PNG image, 19 x 18, 8-bit/color RGB, non-interlaced
Size:   1408
Md5:    51e96eb80b3315a78a3c263128863f80
Sha1:   298c6e6342d078787d2faed5a9c72fbb52b69608
Sha256: b331acc4c4aa2a03b8285ea5c5713d0fc0a1b8afab057511942b984af3a94c33
                                        
                                            GET /website/newwebsite/lp/sqh/green_v.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783247"
Cache-Control: max-age=86400
Content-Length: 1600
Last-Modified: Wed, 01 Jun 2016 12:14:07 GMT
X-HW: 1539314546.dop011.sk1.t,1539314546.cds033.sk1.c


--- Additional Info ---
Magic:  PNG image, 17 x 18, 8-bit/color RGB, non-interlaced
Size:   1600
Md5:    2008cbae40db2b500152c7dafd984d93
Sha1:   b96943808ebecacadb2854638340c44ed81f5131
Sha256: 9d67b141e9910fc9573bb40f0da15b37a07f321f364b49d248dd04b051b94cfe
                                        
                                            GET /website/newwebsite/lp/sqh/button_download_anim.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783237"
Cache-Control: max-age=86400
Content-Length: 13233
Last-Modified: Wed, 01 Jun 2016 12:13:57 GMT
X-HW: 1539314546.dop013.sk1.t,1539314546.cds056.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 266 x 64
Size:   13233
Md5:    a415393521909e0c856acf0e00116630
Sha1:   6210356d1cd38ecf31de48c746a650418e41a520
Sha256: 031e1fb30c05d97c39bd6db7a4c99b4fd96fcfad71c9f2ffdffc8cd19e4012fe
                                        
                                            GET /website/newwebsite/lp/sqh/left-line2.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783253"
Cache-Control: max-age=86400
Content-Length: 1769
Last-Modified: Wed, 01 Jun 2016 12:14:13 GMT
X-HW: 1539314546.dop015.sk1.t,1539314546.cds010.sk1.c


--- Additional Info ---
Magic:  PNG image, 20 x 20, 8-bit/color RGB, non-interlaced
Size:   1769
Md5:    f0cbc1f1348e5a7dd71117fff276b24c
Sha1:   2727805dff980bd62185470382b842811d4318fb
Sha256: b0eed672ea60ec55d4d9cf2d35704334217a77c07b6dcaadc8c5e6aa67cfedfd
                                        
                                            GET /website/newwebsite/lp/sqh/left-line3.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783254"
Cache-Control: max-age=86400
Content-Length: 1674
Last-Modified: Wed, 01 Jun 2016 12:14:14 GMT
X-HW: 1539314546.dop012.sk1.t,1539314546.cds028.sk1.c


--- Additional Info ---
Magic:  PNG image, 19 x 20, 8-bit/color RGB, non-interlaced
Size:   1674
Md5:    39494baf3c541996c3b3bb06283fdb46
Sha1:   62ff085ad2b7373d5f11b5b069cd7a583d3e863f
Sha256: 4e23b54f1144c274b359d7ef5c60d49a82bd6e060896e6b5816a779fe0eb6cb1
                                        
                                            GET /website/newwebsite/lp/sqh/left-line4.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783255"
Cache-Control: max-age=86400
Content-Length: 1694
Last-Modified: Wed, 01 Jun 2016 12:14:15 GMT
X-HW: 1539314546.dop014.sk1.t,1539314546.cds036.sk1.c


--- Additional Info ---
Magic:  PNG image, 21 x 21, 8-bit/color RGB, non-interlaced
Size:   1694
Md5:    5e66342138a9e7fe493159cd1d022c7f
Sha1:   4644e410677f717a372309dcaec4e0040e0869f5
Sha256: 6ef1d9b7114972450bc65ef971b9f1b6bcda9a14dfdacd0d2eef5982ab13bbd6
                                        
                                            GET /website/newwebsite/lp/sqh/repair-win.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783264"
Cache-Control: max-age=86400
Content-Length: 2179
Last-Modified: Wed, 01 Jun 2016 12:14:24 GMT
X-HW: 1539314546.dop015.sk1.t,1539314546.cds014.sk1.c


--- Additional Info ---
Magic:  PNG image, 27 x 28, 8-bit/color RGB, non-interlaced
Size:   2179
Md5:    5851745de354765e2125f096e27ae2a2
Sha1:   c894df89fada34d309a6774ddc9babf725934ed6
Sha256: e51e18fcf47fa9b6b5bf724f6a9655c25a05d215afba827f205aaeb47642d87a
                                        
                                            GET /website/newwebsite/lp/sqh/left-line5.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783256"
Cache-Control: max-age=86400
Content-Length: 1491
Last-Modified: Wed, 01 Jun 2016 12:14:16 GMT
X-HW: 1539314546.dop011.sk1.t,1539314546.cds041.sk1.c


--- Additional Info ---
Magic:  PNG image, 18 x 17, 8-bit/color RGB, non-interlaced
Size:   1491
Md5:    a59e741ab3d51d4e1e5ba30b0a7b29a8
Sha1:   8ceb645eaf53da45d0308de878c665ab9b2c6359
Sha256: 79c1403f2c097fe69db72c4a7f7200093781ee005dfd6c6cb2b4c6d6f10e389a
                                        
                                            GET /website/newwebsite/lp/sqh/cloud.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783238"
Cache-Control: max-age=86400
Content-Length: 2816
Last-Modified: Wed, 01 Jun 2016 12:13:58 GMT
X-HW: 1539314546.dop014.sk1.t,1539314546.cds036.sk1.c


--- Additional Info ---
Magic:  PNG image, 46 x 38, 8-bit/color RGB, non-interlaced
Size:   2816
Md5:    37b3f2641ececb4eda59252b1a621eb7
Sha1:   5911bfd3a30a6b3b2d83ac8e9ffe631c0c4e5039
Sha256: c2ebc7735534bd0e5708bfae2406b4cfcdbdc7f6ab7bf8838aba82023383269c
                                        
                                            GET /website/newwebsite/lp/sqh/improve-pc.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783249"
Cache-Control: max-age=86400
Content-Length: 1390
Last-Modified: Wed, 01 Jun 2016 12:14:09 GMT
X-HW: 1539314546.dop012.sk1.t,1539314546.cds019.sk1.c


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGB, non-interlaced
Size:   1390
Md5:    a33103966c40c7af0394283801707874
Sha1:   e49748cd9d3b4966984dc25acd8a688828210390
Sha256: da2871c4669d112fb708df1920f01a6aefdd5f257ef87cdfd3b424fc8eb2be59
                                        
                                            GET /assets/scripts/cookie-note.js HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Apache/2.2.15 (CentOS)
Date: Fri, 12 Oct 2018 03:20:31 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Thu, 11 Oct 2018 10:09:19 GMT
Content-Length: 684


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   684
Md5:    31a26a241ed14defc5417202d0ec5362
Sha1:   4071ec8b0f05942d1debfc17f04e14a24c890c76
Sha256: 6348d80a177746d0a346fb0c8aba8b73d2ddee827506a31abc054a60b77b6168
                                        
                                            GET /assets/styles/jquery.fancybox/jquery.fancybox-2.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 Oct 2018 03:20:31 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Connection: Keep-Alive
Content-Length: 1606


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1606
Md5:    39c87544233ef0fafef3816c7dc083d1
Sha1:   b5a214c16e29bb922d7dd247c8cd4ab32a48ec15
Sha256: e39857dbe26db2b9569d4ee2d3246135a51f76684c0caa76a4b7ba1d63f0b8ea
                                        
                                            GET /dc.js HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         64.233.162.154
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Fri, 12 Oct 2018 02:52:02 GMT
Expires: Fri, 12 Oct 2018 04:52:02 GMT
Last-Modified: Thu, 11 Oct 2018 19:41:26 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17093
Cache-Control: public, max-age=7200
Age: 1824


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17093
Md5:    5f65521f6c6223e1e18cb161832bea2a
Sha1:   f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
Sha256: 787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
                                        
                                            GET /website/newwebsite/lp/sqh/free-scan.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783246"
Cache-Control: max-age=86400
Content-Length: 2049
Last-Modified: Wed, 01 Jun 2016 12:14:06 GMT
X-HW: 1539314546.dop013.sk1.t,1539314546.cds043.sk1.c


--- Additional Info ---
Magic:  PNG image, 30 x 24, 8-bit/color RGB, non-interlaced
Size:   2049
Md5:    8c7d05b98e6f2d5fbf1c60adffeea4f2
Sha1:   6149378a53addf1878bfaeab1b0e89c0c8db3b83
Sha256: 158bdf06a0618d1484c272c35bf6eeed158a9440ae9b12ac74dd66c7ba435dd8
                                        
                                            GET /assets/scripts/jquery.fancybox/jquery.fancybox-2.js HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Apache/2.2.15 (CentOS)
Date: Fri, 12 Oct 2018 03:20:31 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Sun, 07 Jun 2015 06:06:18 GMT
Content-Length: 48716


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   48716
Md5:    932c065e6c0658681ca19a34d45981f4
Sha1:   7e10f6aba5d7bc1b21e0c62ba107ac5593c039d8
Sha256: 1a2da275a2f66503da340a4b38a064c5329d8b3f03eb057dee553786482c4874
                                        
                                            GET /website/newwebsite/lp/sqh/page-header.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 12 Oct 2018 03:22:26 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783260"
Cache-Control: max-age=86400
Content-Length: 28164
Last-Modified: Wed, 01 Jun 2016 12:14:20 GMT
X-HW: 1539314546.dop005.sk1.t,1539314546.cds036.sk1.c


--- Additional Info ---
Magic:  PNG image, 1484 x 34, 8-bit/color RGB, non-interlaced
Size:   28164
Md5:    72eb11363a557a2d01e4fc9e453e0d93
Sha1:   0bc01fa850199e45985fc2c05036c2daaea1cc19
Sha256: 104c8b1b981bed8968301cd28d4daf83d09dbc23b51a862ab6ebb9e59cc0f785
                                        
                                            GET /r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1064972608&utmhn=www.reimageplus.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Reimage%20Repair&utmhid=1281177899&utmr=0&utmp=%2Fland%2Fsqi%2Findex_src.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&utmht=1539314547331&utmac=UA-24411584-1&utmcc=__utma%3D141870001.1093707885.1539314547.1539314547.1539314547.1%3B%2B__utmz%3D141870001.1539314547.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1228427477&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         64.233.162.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Fri, 12 Oct 2018 03:22:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 03:22:27 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    a4464bec42f352a42fe380c54d68c43a
Sha1:   5a2bd40b93526253991f289edd0b925a9c68c1e8
Sha256: 66425958751d8fccfedb10cfc778d77abe9b57740ce7bba7dac2d2666606ac73
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 03:22:27 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.192.98
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 2829
Connection: keep-alive
Date: Fri, 12 Oct 2018 02:59:21 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Fri, 12 Oct 2018 03:59:21 GMT
Content-Encoding: gzip
Age: 1386
X-Cache: Hit from cloudfront
Via: 1.1 6958f3c7b188d7db406f45d2a6612b53.cloudfront.net (CloudFront)
X-Amz-Cf-Id: dvuz9Q3Wxcxw7F79uin2jO3NTgIOOW2lw_J_1RAHfP4dcigyF-AFfA==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   2829
Md5:    e2f006b9cb97e3af3672505fe23c4660
Sha1:   dd1283a182f72a9dfe0b0e397dc2cf3ed16f2ca5
Sha256: 278cdee696684a6d8b3344cc99e1f92869d3a8a03764f790414c0731e8c42dfa
                                        
                                            GET /pagead/conversion/1038302480/?random=1539314546575&cv=9&fst=1539314546575&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.207.226
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Fri, 12 Oct 2018 03:22:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038302480/?random=1698055573&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cxPAW_bZJ4eW6wTArZOQDQ&crd=CKrPGwjX0Rs&gtd=
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 03:22:27 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    6d5ae400004166fb32be3dfc46f9f331
Sha1:   acbf0b31f66edb467ee7d051c9400f167f7d49a1
Sha256: bcad988d468741d0bb037894b88c9bc9e76ada8f318cd8e58b9960ac93b18290
                                        
                                            GET /pagead/viewthroughconversion/1038302480/?random=1698055573&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cxPAW_bZJ4eW6wTArZOQDQ&crd=CKrPGwjX0Rs&gtd= HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         172.217.21.162
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Fri, 12 Oct 2018 03:22:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://www.google.com/pagead/1p-user-list/1038302480/?random=1698055573&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=4027926665&resp=GooglemKTybQhCsO
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Fri, 12-Oct-2018 03:37:27 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 03:22:27 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    9b0fc322918e453cc5c2e693fd7e3203
Sha1:   94ad48ff9f6fd46f120aab09ca2b5ce0748e34ba
Sha256: b2d9c0ab3d271125ed55c25ea5a4c17bdf76dc2c5cf63859d109943b4bf35ae4
                                        
                                            GET /pagead/1p-user-list/1038302480/?random=1698055573&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=4027926665&resp=GooglemKTybQhCsO HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         172.217.22.164
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Fri, 12 Oct 2018 03:22:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Location: https://www.google.no/pagead/1p-user-list/1038302480/?random=1698055573&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=4027926665&resp=GooglemKTybQhCsO&ipr=y
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 12 Oct 2018 03:22:27 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    fa38482a594ef17c0e37d393eace9cdb
Sha1:   a850cf85e9398528267f98c90da17fd746f89e78
Sha256: 90b0fcc8f1185d3577214340c1f59b51efc1d3f16415ad0527903578139b4587
                                        
                                            GET /mfesecure-public/host/reimageplus.com/client.json HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Origin: http://www.reimageplus.com

                                         
                                         52.218.244.32
HTTP/1.1 200 OK
Content-Type: application/json
                                        
x-amz-id-2: 2MkdtSS89bTFoH2naVDqBz8GK+Yn7yPlZrCYWyINX9OBHOwdUfCHdUeu0/BmQkmCMnnAP3j9X/0=
x-amz-request-id: AF36AFB6C5115D9B
Date: Fri, 12 Oct 2018 03:22:28 GMT
Access-Control-Allow-Origin: http://www.reimageplus.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 10 Oct 2018 17:46:53 GMT
Etag: "86a8d89e3d194b9bfdc41f1c04a76272"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: U7zRyZLUIajq8lYDVCXGtMa.YSXi5.hz
Accept-Ranges: bytes
Content-Length: 144
Server: AmazonS3


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   144
Md5:    86a8d89e3d194b9bfdc41f1c04a76272
Sha1:   9dc4ae4f8f88b438b68f235d050407372d090ab2
Sha256: c9307911e3455085ca9581366c6fff5bac901cf192bb37d8fcaf75f491d67eb3
                                        
                                            GET /pagead/1p-user-list/1038302480/?random=1698055573&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&eid=659255991&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/land/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=4027926665&resp=GooglemKTybQhCsO&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Fri, 12 Oct 2018 03:22:28 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /static/img/tm-float.png HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.192.98
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 9330
Connection: keep-alive
Date: Fri, 27 Apr 2018 01:07:47 GMT
Expires: Sat, 28 Apr 2018 01:07:47 GMT
Cache-Control: public, max-age=86400
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Etag: "HioVbLUyInv"
Last-Modified: Thu, 26 Apr 2018 22:02:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Age: 7855
X-Cache: Hit from cloudfront
Via: 1.1 6958f3c7b188d7db406f45d2a6612b53.cloudfront.net (CloudFront)
X-Amz-Cf-Id: dnsEJgF07rWNZ3-b3mBDPWfvMCfXVLaHL3jZl1Y8JJlgd74L0sx5Rg==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   9330
Md5:    c4c9391d05918c1a7045dff82c1391b2
Sha1:   be2ec6556d902ae0d78fa62cf2cb2751f357e8c0
Sha256: ec706c9c38eb71c40deb0d3deb2abe51058dc256910bfde4ef76d2a2bae24f61
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         143.204.194.210
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156861
Date: Fri, 12 Oct 2018 03:22:28 GMT
Etag: "5bbfca41-1d7"
Expires: Sat, 13 Oct 2018 22:56:49 GMT
Last-Modified: Thu, 11 Oct 2018 22:10:09 GMT
Server: ECS (dca/24CE)
X-Cache: Miss from cloudfront
Via: 1.1 a4ec4286876b8f2d9edb0dca00a1a9b4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: d719zUf9Jfm9Ya2RiDtcqCJmcjnjUD5bsBaNvfmno0iE8YMz418uPQ==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    050610318c9a6170182cca127258269d
Sha1:   69c211859406c1cea2ed0a475b8545a0acc71cea
Sha256: 930562f28ec96c396aa758dabb00dea2fc0cb130ca6cf9d0801d3bdf6857fa39
                                        
                                            POST / HTTP/1.1 
Host: ocsp.rootca1.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         143.204.194.44
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1426
Connection: keep-alive
Date: Fri, 12 Oct 2018 03:22:28 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.7/2018-03-28)
X-Cache: Miss from cloudfront
Via: 1.1 9a5c4712d591c80fa6eb5cd925d9b817.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ZddRYWu1fq8cl9A7zmyhe_HxhblE4O9F2qOcXqpReUAQzS5Jb5niUg==


--- Additional Info ---
Magic:  data
Size:   1426
Md5:    3ab72f7343f9d5cbee3a31d1ee1ce596
Sha1:   fa6709696e0d1970a294f89c6caad22e367908f1
Sha256: 029c3ababd1ceaa9f9bb4f8bbbe173ee4e41add3f4a60180ea7e5232905fee0b
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.trustedsite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.192.69
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 1872
Connection: keep-alive
Date: Fri, 12 Oct 2018 02:37:07 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Fri, 12 Oct 2018 03:37:07 GMT
Content-Encoding: gzip
Age: 2721
X-Cache: Hit from cloudfront
Via: 1.1 3f56e5a29b3064d9dd8459f92ae9357d.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7HPOrL75fXVfshbti4F2NBSanzHnqE5qfliOrksflNvpZZpJiPdHqw==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1872
Md5:    68dc342c1d27074362709798cc24d63e
Sha1:   cee55e0da80266c231acd65ebd386a563cca4e1c
Sha256: 5d4eda3ee64d69b769c026a13f4d30022c7af252a378acd0198943e917a9dbae
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         143.204.194.210
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161653
Date: Fri, 12 Oct 2018 03:22:28 GMT
Etag: "5bbf65ad-1d7"
Expires: Sun, 14 Oct 2018 00:16:41 GMT
Last-Modified: Thu, 11 Oct 2018 15:01:01 GMT
Server: ECS (dca/24D1)
X-Cache: Miss from cloudfront
Via: 1.1 a4ec4286876b8f2d9edb0dca00a1a9b4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cTBwBKwy_awjWPnbuRck9g5sOH4XMux_5fSoNmXcDfrQQkLBfefp5g==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    a6bf4ab35ec65e68c722f9efc32d5e5c
Sha1:   bd9a08dea5ac342bef9262586ed642622fc91a20
Sha256: 01f634ff54407aa61ee4c9e4fa350ec0b7dd44bae1a0a5cbb232053baaf7b402
                                        
                                            GET /trustedsite-public/host/reimageplus.com/client.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         52.218.244.32
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: keoUHbDopiJajID/p35bNBWYCfH9oPOeYbro0BgDX0bnmSh9s5OGLJbxMb/Z4k9c4BlDEmWgIiQ=
x-amz-request-id: 0D91DB4283C594E1
Date: Fri, 12 Oct 2018 03:22:29 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 04 Jul 2018 23:05:38 GMT
Etag: "99a45cba3096b08317048a968af70cbd"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: Otnbc0GHkBiRt7w2FfDBHNevvLnNWi3E
Accept-Ranges: bytes
Content-Length: 148
Server: AmazonS3


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   148
Md5:    99a45cba3096b08317048a968af70cbd
Sha1:   cdb50d86e5f776a679bd516f54f9b87eaee8938d
Sha256: bb45e632cbf9940c1180c70ff511fcd962b7fd2bc9c107f36a1c05850ca40582
                                        
                                            GET /rpc/ajax?do=tmjs-visit&host=reimageplus.com&rand=1539314547979 HTTP/1.1 
Host: www.mcafeesecure.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         35.166.16.223
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Fri, 12 Oct 2018 03:22:29 GMT
Content-Length: 40
Connection: keep-alive
Set-Cookie: AWSALB=YEtOHe1bUvbR8ayvG+QmtYwlcMGEXJiJXt0gVugf5f0WdzZCiS+s2x7t0dtVrcRb7Brj28wO8k1MOKyDYM5qkusLBzgprBFr8tF8Jtj4trYAc7sJKEsVwUCSPGy+; Expires=Fri, 19 Oct 2018 03:22:29 GMT; Path=/
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   40
Md5:    12fe229ade6210ed62f31703e69defc0
Sha1:   8c603c7278def4c66bbb8af8ca3a600980e189a0
Sha256: 89e91522444c30570412ba6b636204d4ed5e05e767503e0423a1c0eb9db38312
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; __utma=141870001.1093707885.1539314547.1539314547.1539314547.1; __utmb=141870001.1.10.1539314547; __utmc=141870001; __utmz=141870001.1539314547.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 Oct 2018 03:20:34 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /images/reimage.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; __utma=141870001.1093707885.1539314547.1539314547.1539314547.1; __utmb=141870001.1.10.1539314547; __utmc=141870001; __utmz=141870001.1539314547.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: Apache/2.2.15 (CentOS)
Date: Fri, 12 Oct 2018 03:20:34 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Mon, 30 Apr 2012 13:14:46 GMT
Content-Length: 894


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   894
Md5:    d0c2bd29933d303826e58db070e10832
Sha1:   1a6f18c55c3cd9ea9ff9485afc30c213a6aeefef
Sha256: 3af4842e79f2e783c9a73e19493a10164df5cf27e7e2fb67fb51b2f99d3b4d84
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=302F129A1ED4F39364C5F98DD2A88FE4; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D0a4ca99c-cdce-11e8-a358-4e4e3e1c4387; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=in58ktpj8o351n2966l1asd106; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Fland%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; __utma=141870001.1093707885.1539314547.1539314547.1539314547.1; __utmb=141870001.1.10.1539314547; __utmc=141870001; __utmz=141870001.1539314547.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 Oct 2018 03:20:37 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /getseal?host_name=www.reimageplus.com&size=S&use_flash=NO&use_transparent=NO&lang=en HTTP/1.1 
Host: seal.websecurity.norton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/land/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         0.0.0.0
                                        


--- Additional Info ---