Overview

URL: 66.228.55.240
IP: 66.228.55.240
ASN: AS36351 SoftLayer Technologies Inc.
Location: United States
Report completed: 2018-06-20 20:31:30 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-06-20 20:30:57 CEST 1 Client IP  66.228.55.240 ET CNC Feodo Tracker Reported CnC Server group 18


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 66.228.55.240

Date                       UQ / IDS / BL  URL  IP
2018-11-05 13:57:34 +0100  0 - 0 - 0  brokedown.net  66.228.55.240
2018-10-01 19:37:42 +0200  0 - 0 - 0  www.starrco.com  66.228.55.240
2018-09-09 18:11:07 +0200  0 - 1 - 0  www.cardinalsurveying.com  66.228.55.240
2018-09-09 18:10:30 +0200  0 - 1 - 0  https://www.cardinalsurveying.com  66.228.55.240
2018-09-09 18:08:12 +0200  0 - 1 - 0  CARDINALSURVEYING.COM  66.228.55.240
2018-08-07 21:25:27 +0200  0 - 1 - 0  https://66.228.55.240  66.228.55.240
2018-08-06 21:06:39 +0200  0 - 0 - 0  https://www.starrco.com  66.228.55.240
2018-06-07 23:52:51 +0200  0 - 1 - 0  https://www.cardinalsurveying.com  66.228.55.240
2018-05-28 08:34:22 +0200  0 - 1 - 0  66.228.55.240  66.228.55.240
2018-05-23 21:24:22 +0200  0 - 0 - 0  www.gemtransportation.com  66.228.55.240

Last 10 reports on ASN: AS36351 SoftLayer Technologies Inc.

Date                       UQ / IDS / BL  URL  IP
2018-11-16 17:48:40 +0100  0 - 0 - 0  clksite.com  173.192.101.24
2018-11-16 17:45:47 +0100  0 - 0 - 1  kidanioman.com/plans~%21@$@%5E%2A  5.10.105.36
2018-11-16 16:58:52 +0100  0 - 0 - 0  links.informations-edf.fr/ctt?kn=3&ms=NDUxNDM (...)  108.168.255.76
2018-11-16 14:43:15 +0100  0 - 0 - 1  taichplay.info/files/  104.200.23.45
2018-11-16 14:25:58 +0100  0 - 1 - 0  macwater.net/  50.97.114.18
2018-11-16 13:30:25 +0100  0 - 0 - 0  v.whatsapp.com/807789  192.155.212.202
2018-11-16 11:54:44 +0100  0 - 0 - 4  i-call.it/kjv783r  198.58.80.98
2018-11-16 11:36:26 +0100  0 - 0 - 1  https://bongdatreem.net/sparkasse/  216.12.214.227
2018-11-16 11:29:55 +0100  0 - 0 - 1  kidanioman.com/plans~%21@$@%5E%2A  5.10.105.36
2018-11-16 11:11:51 +0100  0 - 0 - 0  www.spamarrest.com/a2?AQV4AwV4AwchnJAioTHholq (...)  174.36.59.160

No other reports on domain: 66.228.55.240.



JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (4)

#1 JavaScript::Write (size: 633, repeated: 1) - SHA256: 151f620e9f5391b20afd2ea9c9a21d8b6a94b4fafd743ae6083b6ce79b353fc2

<!doctype html><html><body>
<iframe style="display:none" data-ad-client="ca-pub-2323449035321033" id="google_esf" name="google_esf" src="https://googleads.g.doubleclick.net/pagead/html/r20180613/r20180604/zrt_lookup.html#"></iframe>
<script>google_pub_vars=window.parent['google_sv_map']['aswift_0'];google_iframe_start_time=new Date().getTime();google_async_iframe_id="aswift_0";</script>
<script>window.google_process_slots=function(){window.google_sa_impl({iframeWin: window, pubWin: window.parent});};</script>
<script src="https://pagead2.googlesyndication.com/pagead/js/r20180613/r20180604/show_ads_impl.js"></script>
</body></html>
                                    

#2 JavaScript::Write (size: 429, repeated: 1) - SHA256: 93c9c76369473a6a9b91d29c29d0493c51f5f648c86c66bfda004aa8c78c04d9

<!doctype html><html><body>
<script>google_pub_vars=window.parent['google_sv_map']['aswift_1'];google_iframe_start_time=new Date().getTime();google_async_iframe_id="aswift_1";</script>
<script>window.google_process_slots=function(){window.google_sa_impl({iframeWin: window, pubWin: window.parent});};</script>
<script src="https://pagead2.googlesyndication.com/pagead/js/r20180613/r20180604/show_ads_impl.js"></script>
</body></html>
                                    

#3 JavaScript::Write (size: 1314, repeated: 1) - SHA256: 3ff6d2747175a8c0ee9f6cc5d8a2fd005c3104eaf18be6960af9c06b8ba44e47

<iframe id="google_ads_frame1"
name="google_ads_frame1"
width="728"
height="90"
frameborder="0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2323449035321033&amp;output=html&amp;h=90&amp;slotname=5932501946&amp;adk=2766457931&amp;adf=807048394&amp;w=728&amp;lmt=1529519459&amp;guci=1.2.0.0.2.2.0&amp;format=728x90&amp;url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1529519459702&amp;bpp=15&amp;fdt=26&amp;idt=320&amp;shv=r20180613&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;correlator=8427150936351&amp;frm=20&amp;pv=2&amp;ga_vid=728535090.1529519461&amp;ga_sid=1529519461&amp;ga_hid=304221416&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=8&amp;ady=106&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=368226401%2C4089040%2C21061122%2C20194406%2C188690904&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=860"
marginwidth="0"
marginheight="0"
vspace="0"
hspace="0"
allowtransparency="true"
scrolling="no"
allowfullscreen="true"></iframe>
                                    

#4 JavaScript::Write (size: 1335, repeated: 1) - SHA256: e4fff4c3259b55c28a5ba5f364faeaab6ab2788bb1a11502b6863b307460285c

<iframe id="google_ads_frame2"
name="google_ads_frame2"
width="234"
height="60"
frameborder="0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2323449035321033&amp;output=html&amp;h=60&amp;slotname=0944642751&amp;adk=604859925&amp;adf=807048394&amp;w=234&amp;lmt=1529519459&amp;guci=1.2.0.0.2.2.0&amp;format=234x60&amp;url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1529519459731&amp;bpp=10&amp;fdt=848&amp;idt=947&amp;shv=r20180613&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=728x90&amp;correlator=8427150936351&amp;frm=20&amp;pv=1&amp;ga_vid=728535090.1529519461&amp;ga_sid=1529519461&amp;ga_hid=304221416&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=8&amp;ady=510&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=368226401%2C4089040%2C21061122%2C20194406%2C188690904&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=2&amp;dtd=980"
marginwidth="0"
marginheight="0"
vspace="0"
hspace="0"
allowtransparency="true"
scrolling="no"
allowfullscreen="true"></iframe>
                                    


HTTP Transactions (20)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: 66.228.55.240
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         66.228.55.240
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 20 Jun 2018 18:31:06 GMT
Server: Apache/2.4.7 (Ubuntu)
Location: https://secure.shortcutsolutions.net/
Cache-Control: max-age=0
Expires: Wed, 20 Jun 2018 18:31:06 GMT
Content-Length: 323
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   323
Md5:    58c383ae25d5ccc52d1c26da40a7a161
Sha1:   14cc140415bdbfa23677c367e8ff6ae0bc72ef05
Sha256: d013cd4bd6e484bc57ebf063d69436e16709e25e91a6f09d3d3722892367f4be
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "1F2F6B79569DE4A965BFE7A86B41E449E5C4D3322FD3426B79798EB0219731C6"
Last-Modified: Tue, 19 Jun 2018 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Thu, 21 Jun 2018 06:30:58 GMT
Date: Wed, 20 Jun 2018 18:30:58 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    aa548cfa1507ba2b1ad89f220cc14687
Sha1:   e9fe93f0fbe40a1995bf2bd02ef0f87df14c1c23
Sha256: 1f2f6b79569de4a965bfe7a86b41e449e5c4d3322fd3426b79798eb0219731c6
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Tue, 19 Jun 2018 09:03:20 GMT
Etag: "94de6fcd62d50136e6875338f1fc15c2cc9ce7f8"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=6014
Expires: Wed, 20 Jun 2018 20:11:13 GMT
Date: Wed, 20 Jun 2018 18:30:59 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    64d356a4b88a43aa44f3c478f20f47a1
Sha1:   94de6fcd62d50136e6875338f1fc15c2cc9ce7f8
Sha256: 33c04226ff84b71495b5dec0c51619e43fb5b7a839a7c682e1e1ccc52d0b11a6
                                        
                                            GET / HTTP/1.1 
Host: secure.shortcutsolutions.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         66.228.55.240
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 20 Jun 2018 18:31:07 GMT
Server: Apache/2.4.7 (Ubuntu)
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Mod-Pagespeed: 1.13.35.2-0
Cache-Control: max-age=0, no-cache
Content-Encoding: gzip
Content-Length: 701
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   701
Md5:    343f18b1960bd0c59236c1d66aa1bcab
Sha1:   aedba092c2578c1d3e697ef07b717c25ec9be9c5
Sha256: bfe1f577ccf7772b21d3811df5782b69c33a73e3b007a681793d4833351c82e6
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 20 Jun 2018 18:30:59 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    33d42f4cfe780148d2422ac7637ec00c
Sha1:   7dcf6b34cde5d30e83ddf3791db5735c27526c50
Sha256: 2d30afca5a8be749b21da9db8c582cdc5a214ab7826d991e603f8d6ee9ba590f
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 20 Jun 2018 18:30:59 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 20 Jun 2018 18:30:59 GMT
Expires: Wed, 20 Jun 2018 18:30:59 GMT
Cache-Control: private, max-age=3600
Etag: 11131637562948519104
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   27283
Md5:    00adf4a1c2e9f7ba8bdbb6b36cb2a0f1
Sha1:   11c4d0575322a76a00fa998552e3d6ca1f17b26d
Sha256: 405ca74798ee96a2caf2a0740320bf927e3ac7a220f51a4f768778990bc093c5
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 20 Jun 2018 18:30:59 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    0552786fad9e7fa721f2f8ea9fc2132b
Sha1:   e35c184b33e00c8b6558f88753d9c235725e4e2f
Sha256: f2cff35de1b949e6e9f5272cb702d5bc17e70f0bbcf04486fc11cee39f4d49e9
                                        
                                            GET /pub-config/r20160913/ca-pub-2323449035321033.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Wed, 20 Jun 2018 18:30:59 GMT
Expires: Thu, 21 Jun 2018 06:30:59 GMT
Cache-Control: public, max-age=43200
Last-Modified: Tue, 19 Jun 2018 22:15:52 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /adsid/integrator.js?domain=secure.shortcutsolutions.net HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Wed, 20 Jun 2018 18:30:59 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /pagead/js/r20180613/r20180604/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 20 Jun 2018 18:30:59 GMT
Expires: Wed, 20 Jun 2018 18:30:59 GMT
Cache-Control: private, max-age=1209600
Etag: 5353776564612892412
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   70143
Md5:    803c9eebaa80c463a498fa6adea42606
Sha1:   c4c2747ece8bdf917f52c056a7bf29eac126c3df
Sha256: e3657410469171b6ea55fed272fe10a4ad5d16e231b6f2ef6029c22ae2491b7d
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 20 Jun 2018 18:31:00 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    07fee19f28dc643d2df6b5d5d6ac935b
Sha1:   7e0b5a93707d4f2cbe1aaf12317030ce92664b9e
Sha256: 693dd1d9cf88215f05f7dca7a145b0f1a4613147771ddde60f9ab30cccea5e99
                                        
                                            GET /pagead/html/r20180613/r20180604/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 14 Jun 2018 18:00:53 GMT
Expires: Thu, 28 Jun 2018 18:00:53 GMT
Etag: 4726315756816018096
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6958
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 520207
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6958
Md5:    10e890f6add5412ceb6551110efc6a5a
Sha1:   2931281ad4cc4612fc4f51d293476b6447d24df0
Sha256: 7b9de2bf9579846089a25c5cc861e2de3e7b91f3867e528478a7badb2f6da1f0
                                        
                                            GET /pagead/js/r20180613/r20180604/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 14 Jun 2018 03:28:35 GMT
Expires: Thu, 28 Jun 2018 03:28:35 GMT
Etag: 3904269307053913741
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26581
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 572545
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26581
Md5:    fbaf30981770e8e6717f4d6e0a79e829
Sha1:   766daae04287db41a4d415bd2ff67bcb9aa740fa
Sha256: 36283f424b87e260fcba6da7d4480042afc0279fa9b8f3b7ee97396144747b5f
                                        
                                            GET /adsid/integrator.js?domain=secure.shortcutsolutions.net HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Wed, 20 Jun 2018 18:31:00 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /pagead/ads?client=ca-pub-2323449035321033&output=html&h=60&slotname=0944642751&adk=604859925&adf=807048394&w=234&lmt=1529519459&guci=1.2.0.0.2.2.0&format=234x60&url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1529519459731&bpp=10&fdt=848&idt=947&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8427150936351&frm=20&pv=1&ga_vid=728535090.1529519461&ga_sid=1529519461&ga_hid=304221416&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=8&ady=510&biw=1176&bih=754&scr_x=0&scr_y=0&eid=368226401%2C4089040%2C21061122%2C20194406%2C188690904&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=980 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 20 Jun 2018 18:31:00 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Wed, 20-Jun-2018 18:46:00 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Expires: Wed, 20 Jun 2018 18:31:00 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   386
Md5:    4f56c3a36a35b8d2ec61ee4bc78151a0
Sha1:   9303d22375e478e443bf356438909e7be3d659f2
Sha256: 1a8e4c39f113d13d8426e268ff77c3590aa5e1705b42ffbf0971dc4d9b941f91
                                        
                                            GET /pagead/ads?client=ca-pub-2323449035321033&output=html&h=90&slotname=5932501946&adk=2766457931&adf=807048394&w=728&lmt=1529519459&guci=1.2.0.0.2.2.0&format=728x90&url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1529519459702&bpp=15&fdt=26&idt=320&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=8427150936351&frm=20&pv=2&ga_vid=728535090.1529519461&ga_sid=1529519461&ga_hid=304221416&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=8&ady=106&biw=1176&bih=754&scr_x=0&scr_y=0&eid=368226401%2C4089040%2C21061122%2C20194406%2C188690904&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=860 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 20 Jun 2018 18:31:00 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Wed, 20-Jun-2018 18:46:00 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Expires: Wed, 20 Jun 2018 18:31:00 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   384
Md5:    93054e222b1a58fc0a51b36b50173486
Sha1:   83285b4081bf6cdb7b7f54158932fad100b8d9f9
Sha256: 36ae8683ebc2f37926ef23309c0ac85ab8709a87d70b1b40810c4d01cdeca739
                                        
GET /pagead/gen_204?id=resize&scrl=0&adk=2766457931&adf=807048394&fmt=728x90&str=false&ad_y=106.43333435058594&vph=754&r_nh=0&qid=CNaVj4Hw4tsCFViaGAodEoIKfQ&w=728&h=90&err=1&url=https%3A%2F%2Fsecure.shortcutsolutions.net%2F HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.shortcutsolutions.net/

172.217.21.162
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Wed, 20 Jun 2018 18:31:00 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: secure.shortcutsolutions.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

66.228.55.240
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 20 Jun 2018 18:31:09 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   303
Md5:    01753ee2f5cbd11a37348181c0f8e723
Sha1:   6d24b9f0c56efb3f8263f495b33fd17c1024c469
Sha256: 56229f8f644f146673178f36f79d90dd005b75c2cc9fa70806500473fd9fd350
                                        
GET /favicon.ico HTTP/1.1
Host: secure.shortcutsolutions.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

66.228.55.240
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 20 Jun 2018 18:31:10 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 303
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   303
Md5:    01753ee2f5cbd11a37348181c0f8e723
Sha1:   6d24b9f0c56efb3f8263f495b33fd17c1024c469
Sha256: 56229f8f644f146673178f36f79d90dd005b75c2cc9fa70806500473fd9fd350