Overview

URL 66.228.55.240
IP 66.228.55.240
ASN AS36351 SoftLayer Technologies Inc.
Location United States
Report completed 2018-05-28 08:34:22 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-05-28 08:33:49 CEST 1 Client IP  66.228.55.240 ET CNC Feodo Tracker Reported CnC Server group 18


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 66.228.55.240

Date UQ / IDS / BL URL IP
2018-09-09 18:11:07 +0200 0 - 1 - 0 www.cardinalsurveying.com 66.228.55.240
2018-09-09 18:10:30 +0200 0 - 1 - 0 https://www.cardinalsurveying.com 66.228.55.240
2018-09-09 18:08:12 +0200 0 - 1 - 0 CARDINALSURVEYING.COM 66.228.55.240
2018-08-07 21:25:27 +0200 0 - 1 - 0 https://66.228.55.240 66.228.55.240
2018-08-06 21:06:39 +0200 0 - 0 - 0 https://www.starrco.com 66.228.55.240
2018-06-20 20:31:30 +0200 0 - 1 - 0 66.228.55.240 66.228.55.240
2018-06-07 23:52:51 +0200 0 - 1 - 0 https://www.cardinalsurveying.com 66.228.55.240
2018-05-23 21:24:22 +0200 0 - 0 - 0 www.gemtransportation.com 66.228.55.240
2018-05-21 20:54:30 +0200 0 - 0 - 0 lifecounselingcenters.com 66.228.55.240
2018-05-18 14:37:39 +0200 0 - 1 - 0 https://www.starrco.com 66.228.55.240

Last 10 reports on ASN: AS36351 SoftLayer Technologies Inc.

Date UQ / IDS / BL URL IP
2018-09-21 20:29:08 +0200 0 - 0 - 0 https://khitaopzzoai-nemathecial-tenure.eu-gb (...) 5.10.124.141
2018-09-21 20:26:02 +0200 0 - 1 - 1 i.funmoods.com/fm/wbst/wr/ie/Setup.exe 174.127.102.229
2018-09-21 20:21:50 +0200 0 - 1 - 0 maxysoft.com/files/7art_dc_love_heart_clock.exe 50.97.207.122
2018-09-21 20:16:11 +0200 0 - 1 - 1 download.tuneup360.com/cbs_down/tuneup360_ful (...) 50.23.237.185
2018-09-21 20:07:48 +0200 0 - 1 - 0 www.shopoklife.com/cooltoolbar/Cool_TB.exe 198.144.26.201
2018-09-21 20:05:39 +0200 0 - 1 - 1 i.funmoods.com/fm/fsy/wr/Setup.exe 50.23.103.21
2018-09-21 19:57:47 +0200 0 - 0 - 2 dubairu.com/xmlrpc/includes/modules/atom.jar 159.8.40.54
2018-09-21 19:38:02 +0200 0 - 2 - 0 downloaderfile.brothersoft.com/file/AVG_Toolb (...) 75.126.190.110
2018-09-21 19:24:14 +0200 0 - 1 - 0 jpfiles.brothersoft.com/cate_system/backup/al (...) 75.126.20.75
2018-09-21 19:17:12 +0200 0 - 0 - 2 download.qweas.com/unlocker1.8.8.exe 50.23.199.174

No other reports on domain: 66.228.55.240.



JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (4)

#1 JavaScript::Write (size: 633, repeated: 1) - SHA256: 0d0036c04264d165748792ce7d901faf6a1a3d277377c5c79a482f4e0a2f1dea

<!doctype html><html><body>
<iframe style="display:none" data-ad-client="ca-pub-2323449035321033" id="google_esf" name="google_esf" src="https://googleads.g.doubleclick.net/pagead/html/r20180521/r20180525/zrt_lookup.html#"></iframe>
<script>google_pub_vars=window.parent['google_sv_map']['aswift_0'];google_iframe_start_time=new Date().getTime();google_async_iframe_id="aswift_0";</script>
<script>window.google_process_slots=function(){window.google_sa_impl({iframeWin: window, pubWin: window.parent});};</script>
<script src="https://pagead2.googlesyndication.com/pagead/js/r20180521/r20180525/show_ads_impl.js"></script>
</body></html>
                                    

#2 JavaScript::Write (size: 429, repeated: 1) - SHA256: 94058966c13e84900d7ed50f284c1c19cd3247a02b7c83a9c9b54c556c53ca78

<!doctype html><html><body>
<script>google_pub_vars=window.parent['google_sv_map']['aswift_1'];google_iframe_start_time=new Date().getTime();google_async_iframe_id="aswift_1";</script>
<script>window.google_process_slots=function(){window.google_sa_impl({iframeWin: window, pubWin: window.parent});};</script>
<script src="https://pagead2.googlesyndication.com/pagead/js/r20180521/r20180525/show_ads_impl.js"></script>
</body></html>
                                    

#3 JavaScript::Write (size: 1302, repeated: 1) - SHA256: 54e4c38720280e61cfc9f87df09540138ae7f6afbc3657e1a6be2a4f21f7e1f6

<iframe id="google_ads_frame1" name="google_ads_frame1" width="728" height="90" frameborder="0"
src="https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2323449035321033&amp;output=html&amp;h=90&amp;slotname=5932501946&amp;adk=2766457931&amp;adf=807048394&amp;w=728&amp;lmt=1527489230&amp;guci=1.2.0.0.2.2&amp;format=728x90&amp;url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1527489231148&amp;bpp=30&amp;fdt=40&amp;idt=281&amp;shv=r20180521&amp;cbv=r20180525&amp;saldr=aa&amp;abxe=1&amp;correlator=3200428467385&amp;frm=20&amp;ga_vid=1473150765.1527489232&amp;ga_sid=1527489232&amp;ga_hid=1314989158&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=8&amp;ady=106&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=62710016%2C62710018%2C21061122%2C21061996&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=882"
marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" allowfullscreen="true"></iframe>
                                    

#4 JavaScript::Write (size: 1323, repeated: 1) - SHA256: 97d642cc82faf88b5ab5ee488123e0b6e119e5e30b13e018f27664df21aa27f2

<iframe id="google_ads_frame2" name="google_ads_frame2" width="234" height="60" frameborder="0"
src="https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2323449035321033&amp;output=html&amp;h=60&amp;slotname=0944642751&amp;adk=604859925&amp;adf=807048394&amp;w=234&amp;lmt=1527489230&amp;guci=1.2.0.0.2.2&amp;format=234x60&amp;url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1527489231192&amp;bpp=6&amp;fdt=860&amp;idt=979&amp;shv=r20180521&amp;cbv=r20180525&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=728x90&amp;correlator=3200428467385&amp;frm=20&amp;ga_vid=1473150765.1527489232&amp;ga_sid=1527489232&amp;ga_hid=1314989158&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=8&amp;ady=510&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=62710016%2C62710018%2C21061122%2C21061996&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=2&amp;dtd=1008"
marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" allowfullscreen="true"></iframe>
                                    


HTTP Transactions (19)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: 66.228.55.240
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         66.228.55.240
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 28 May 2018 06:33:53 GMT
Server: Apache/2.4.7 (Ubuntu)
Location: https://secure.shortcutsolutions.net/
Cache-Control: max-age=0
Expires: Mon, 28 May 2018 06:33:53 GMT
Content-Length: 323
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   323
Md5:    58c383ae25d5ccc52d1c26da40a7a161
Sha1:   14cc140415bdbfa23677c367e8ff6ae0bc72ef05
Sha256: d013cd4bd6e484bc57ebf063d69436e16709e25e91a6f09d3d3722892367f4be
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "546C0D4A9A33B186E05AEFF43297A6E4DAEE4F6D0EBBA49AA8A7C19E32A940A5"
Last-Modified: Sat, 26 May 2018 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43189
Expires: Mon, 28 May 2018 18:33:39 GMT
Date: Mon, 28 May 2018 06:33:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    fa8e81063f066efce0ac7ec790bb1a26
Sha1:   d102e9fc73a88993766dc66470e74ac9dec86adf
Sha256: 546c0d4a9a33b186e05aeff43297a6e4daee4f6d0ebba49aa8a7c19e32a940a5
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Sun, 27 May 2018 08:07:03 GMT
Etag: "e7dfc1026df9aab76f36c3834cc1ad092724b99e"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=23023
Expires: Mon, 28 May 2018 12:57:33 GMT
Date: Mon, 28 May 2018 06:33:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    89d343c0699bee671584a66c8c9b90ae
Sha1:   e7dfc1026df9aab76f36c3834cc1ad092724b99e
Sha256: 826fafded951f93f8afde8c3ca7a9d7f7a7545fe0914a2f5f582f9531d7860d9
                                        
                                            GET / HTTP/1.1 
Host: secure.shortcutsolutions.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         66.228.55.240
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 28 May 2018 06:33:54 GMT
Server: Apache/2.4.7 (Ubuntu)
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Mod-Pagespeed: 1.13.35.2-0
Cache-Control: max-age=0, no-cache
Content-Encoding: gzip
Content-Length: 701
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   701
Md5:    343f18b1960bd0c59236c1d66aa1bcab
Sha1:   aedba092c2578c1d3e697ef07b717c25ec9be9c5
Sha256: bfe1f577ccf7772b21d3811df5782b69c33a73e3b007a681793d4833351c82e6
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 May 2018 06:33:50 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    fb75c5d4f44b34cc24462f3db629e5c9
Sha1:   4f4cf54b0bf317167c15b290488e98b54587d5e7
Sha256: 94e442aaf6032493cd443557e5d07e43211fa945c6538864e10193b035176c9f
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 May 2018 06:33:50 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Mon, 28 May 2018 06:33:51 GMT
Expires: Mon, 28 May 2018 06:33:51 GMT
Cache-Control: private, max-age=3600
Etag: 1186206492399471126
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   27483
Md5:    442b4e3e0f5b1f983c346d2b7082e73e
Sha1:   0f2baa4dd21ccb0f30ac6a0fa350b2f24e442780
Sha256: 2d873c2b6b6371f5e8a6ef80c49f8d19f9a26e884b7bcdaddeb4791da7dd461f
                                        
                                            GET /pub-config/r20160913/ca-pub-2323449035321033.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Mon, 28 May 2018 06:33:51 GMT
Expires: Mon, 28 May 2018 18:33:51 GMT
Cache-Control: public, max-age=43200
Last-Modified: Sun, 27 May 2018 20:23:54 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 May 2018 06:33:51 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    e582325d6ffe0de8b1b7f0881030c425
Sha1:   6fdaab1bfec4618c28b210319cea86d266119925
Sha256: b5d0eb71644b069d6ea81c8206a2a2a99350219a7062f0bc22d0b5e321c83ccb
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 May 2018 06:33:51 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    090798497d09bc504d638ae04e7f1509
Sha1:   592afe220c68d3cbff30a84a7efe453150444bd8
Sha256: 150fc1e528c1ed94e0d98856b8a54968752b4757eb26808252b825c6fa2d32a8
                                        
                                            GET /pagead/js/r20180521/r20180525/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Mon, 28 May 2018 06:33:51 GMT
Expires: Mon, 28 May 2018 06:33:51 GMT
Cache-Control: private, max-age=1209600
Etag: 6062912514114545969
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   68421
Md5:    7d5fd43ae904c6160846a11432a603ce
Sha1:   00ce301e5fca75ce7e73f4ca45af8878f08562d9
Sha256: 9ee3af972a5cc6d1aaa4f7f631098ca136660fcd867e8bed498f63971bf42f48
                                        
                                            GET /adsid/integrator.js?domain=secure.shortcutsolutions.net HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Mon, 28 May 2018 06:33:51 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   105
Md5:    302d8fbb1c03323fe333b0dd1dc5881c
Sha1:   6605ac94f4ee2c14aa17c8624261c8a6659ec5c0
Sha256: 09f5a753ddc8c32ff346b2d0cd592ecfe1ed88d099f26127931a13c19b68f830
                                        
                                            GET /adsid/integrator.js?domain=secure.shortcutsolutions.net HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Mon, 28 May 2018 06:33:52 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   105
Md5:    302d8fbb1c03323fe333b0dd1dc5881c
Sha1:   6605ac94f4ee2c14aa17c8624261c8a6659ec5c0
Sha256: 09f5a753ddc8c32ff346b2d0cd592ecfe1ed88d099f26127931a13c19b68f830
                                        
                                            GET /pagead/js/r20180521/r20180525/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 25 May 2018 23:19:28 GMT
Expires: Fri, 08 Jun 2018 23:19:28 GMT
Etag: 4371217384211563518
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26522
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 198864
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26522
Md5:    e15c93c8df24254ce217697e0382f335
Sha1:   8eaba96c6de39dbe779b8f1465eec77ddab02866
Sha256: 7f3a6d7b6acb1c106f553b8589572b6c7e24249c8f7dd986a706a871744d1c98
                                        
                                            GET /pagead/html/r20180521/r20180525/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 25 May 2018 23:19:13 GMT
Expires: Fri, 08 Jun 2018 23:19:13 GMT
Etag: 8341461738443483577
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6979
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 198879
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6979
Md5:    eca8ee1eaa5936ac0a30b6c8c2a932c8
Sha1:   ca6b8c4aa50eeff4b1cd9cf4aa9f5e0b0935ddbc
Sha256: f51ad0be46383543bfd1ec5778777e027064c1cebb264353855b35b104908a2a
                                        
                                            GET /pagead/ads?client=ca-pub-2323449035321033&output=html&h=60&slotname=0944642751&adk=604859925&adf=807048394&w=234&lmt=1527489230&guci=1.2.0.0.2.2&format=234x60&url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1527489231192&bpp=6&fdt=860&idt=979&shv=r20180521&cbv=r20180525&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3200428467385&frm=20&ga_vid=1473150765.1527489232&ga_sid=1527489232&ga_hid=1314989158&ga_fc=0&pv=1&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=8&ady=510&biw=1176&bih=754&scr_x=0&scr_y=0&eid=62710016%2C62710018%2C21061122%2C21061996&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=1008 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 28 May 2018 06:33:52 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Mon, 28-May-2018 06:48:52 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
Expires: Mon, 28 May 2018 06:33:52 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   383
Md5:    c94feef81ae03d0712e2d42cd8876670
Sha1:   c9bcddb5e5f79d37f46b25b51666fdea7e11a4a2
Sha256: 3149a8f6b934cb10698b2b1901b27ca0b32e4754b39670dc80f7ddac4b124294
                                        
                                            GET /pagead/ads?client=ca-pub-2323449035321033&output=html&h=90&slotname=5932501946&adk=2766457931&adf=807048394&w=728&lmt=1527489230&guci=1.2.0.0.2.2&format=728x90&url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1527489231148&bpp=30&fdt=40&idt=281&shv=r20180521&cbv=r20180525&saldr=aa&abxe=1&correlator=3200428467385&frm=20&ga_vid=1473150765.1527489232&ga_sid=1527489232&ga_hid=1314989158&ga_fc=0&pv=2&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=8&ady=106&biw=1176&bih=754&scr_x=0&scr_y=0&eid=62710016%2C62710018%2C21061122%2C21061996&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=882 HTTP/1.1 
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 28 May 2018 06:33:52 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Mon, 28-May-2018 06:48:52 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
Expires: Mon, 28 May 2018 06:33:52 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   384
Md5:    2f05eb41aea16384dd3d64ce55a1ac8d
Sha1:   e382cf698c233f9023d72641a28a4780773140eb
Sha256: 0927cc54d589a3972c3dfcc71177e1acabdba3af96286e96a7fc926a82ff00ce
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: secure.shortcutsolutions.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

66.228.55.240
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 28 May 2018 06:33:56 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   303
Md5:    01753ee2f5cbd11a37348181c0f8e723
Sha1:   6d24b9f0c56efb3f8263f495b33fd17c1024c469
Sha256: 56229f8f644f146673178f36f79d90dd005b75c2cc9fa70806500473fd9fd350
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: secure.shortcutsolutions.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

66.228.55.240
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 28 May 2018 06:33:57 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 303
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   303
Md5:    01753ee2f5cbd11a37348181c0f8e723
Sha1:   6d24b9f0c56efb3f8263f495b33fd17c1024c469
Sha256: 56229f8f644f146673178f36f79d90dd005b75c2cc9fa70806500473fd9fd350