Overview

URL photoconnections.net
IP66.96.147.159
ASNAS29873 The Endurance International Group, Inc.
Location United States
Report completed2018-10-18 02:07:47 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 66.96.147.159

Date UQ / IDS / BL URL IP
2019-04-15 13:24:21 +0200
0 - 0 - 8 windows10-activator.com/ 66.96.147.159
2018-09-02 08:09:47 +0200
0 - 1 - 0 qatar.com-rg.net/ 66.96.147.159
2018-08-03 20:15:13 +0200
0 - 0 - 0 advisorlawyer.net 66.96.147.159
2018-07-09 10:16:46 +0200
0 - 0 - 0 sitnpretti.com 66.96.147.159
2018-06-28 22:05:25 +0200
0 - 0 - 0 https://www.qmsi.software/EPF-WEB 66.96.147.159
2018-06-20 03:21:32 +0200
0 - 1 - 0 dubai.com-reg.net/ 66.96.147.159
2018-06-14 11:57:02 +0200
0 - 1 - 0 dubai.com-reg.net 66.96.147.159
2018-05-29 19:13:00 +0200
0 - 1 - 0 emirates.com-reg.net/ 66.96.147.159
2018-05-28 16:21:38 +0200
0 - 1 - 0 emirates.com-reg.net/ 66.96.147.159
2018-05-28 10:27:07 +0200
0 - 2 - 1 www.hdioso.com/ 66.96.147.159

Last 10 reports on ASN: AS29873 The Endurance International Group, Inc.

Date UQ / IDS / BL URL IP
2019-04-24 05:00:54 +0200
0 - 0 - 1 https://saint-mike.com/server.exe 66.96.163.130
2019-04-24 04:27:13 +0200
0 - 0 - 1 silkroad-adventure.com/7a3ba897f11ee31ea52758 (...) 66.96.130.7
2019-04-24 02:50:08 +0200
0 - 0 - 10 tranphusaigon.com/wp-content/wp-adm/bof-meu/b (...) 65.254.248.151
2019-04-23 21:29:46 +0200
0 - 0 - 1 hacha.org/programas/resistencias.rar 66.96.147.101
2019-04-23 18:40:17 +0200
0 - 0 - 0 www.csisoftwareusa.com/404/index.php 66.96.146.129
2019-04-23 13:30:32 +0200
0 - 0 - 6 acapellatown.net/midi/category/2-unlimited 66.96.149.32
2019-04-23 13:19:23 +0200
0 - 0 - 0 drm.satoil.com 66.96.133.6
2019-04-23 10:08:30 +0200
0 - 0 - 6 acapellatown.net/midi/category/a-ha/ 66.96.149.32
2019-04-23 09:32:28 +0200
0 - 0 - 6 acapellatown.net/midi/category/house 66.96.149.32
2019-04-23 08:39:56 +0200
0 - 0 - 0 ringlord.com 66.96.149.1

No other reports on domain: photoconnections.net



JavaScript

Executed Scripts (19)


Executed Evals (0)


Executed Writes (6)

#1 JavaScript::Write (size: 623, repeated: 1) - SHA256: 1dcf0847848a12213b1d5bdcb01982d39e9d7c945f2d228579266033f67a5fe9

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-6592299222545545"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20181010/r20180604/zrt_lookup.html#" > < /iframe><script>google_iframe_start_time=new Date().getTime();google_async_iframe_id="aswift_0";</script > < script > window.google_process_slots = function() {
    window.google_sa_impl({
        iframeWin: window,
        pubWin: window.parent,
        vars: window.parent['google_sv_map']['aswift_0']
    });
}; < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20181010 / r20180604 / show_ads_impl.js "></script></body></html>
                                    

#2 JavaScript::Write (size: 419, repeated: 1) - SHA256: 472f197d71622ce8c84de5bc6934a62a1e57083a9fca4a8aacad18926ced90de

                                        < !doctype html > < html > < body > < script > google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_1"; < /script><script>window.google_process_slots=function(){window.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_1']});};</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20181010/r20180604/show_ads_impl.js" > < /script></body > < /html>
                                    

#3 JavaScript::Write (size: 419, repeated: 1) - SHA256: 2d31bc00d0b6a5cb711eeb87e1dd917f8cc77b884ee19ef490d80402e684d5e4

                                        < !doctype html > < html > < body > < script > google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_2"; < /script><script>window.google_process_slots=function(){window.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_2']});};</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20181010/r20180604/show_ads_impl.js" > < /script></body > < /html>
                                    

#4 JavaScript::Write (size: 1296, repeated: 1) - SHA256: 0c4b50542ec82c0fc03fb7a55ef38b2312178d855027835f69ed91cffd4f06d9

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "728"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&amp;output=html&amp;h=90&amp;slotname=9437895268&amp;adk=1008776544&amp;adf=807048394&amp;w=728&amp;lmt=1510704228&amp;guci=1.2.0.0.2.2.0&amp;format=728x90&amp;url=http%3A%2F%2Fphotoconnections.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1539821232735&amp;bpp=12&amp;fdt=18&amp;idt=258&amp;shv=r20181010&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;correlator=6026562444358&amp;frm=20&amp;pv=2&amp;ga_vid=310338983.1539821234&amp;ga_sid=1539821234&amp;ga_hid=1927093062&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=216&amp;ady=8&amp;biw=1159&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21062570%2C21060853%2C20195144%2C828064255&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=1120"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#5 JavaScript::Write (size: 1303, repeated: 1) - SHA256: 4a511b3356eca2aa8d15e74bd9c5bc959f42dd5f03c20ae8f990c2bdf7926bb1

                                        < iframe id = "google_ads_frame2"
name = "google_ads_frame2"
width = "728"
height = "15"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&amp;output=html&amp;h=15&amp;slotname=8364486744&amp;adk=3140632776&amp;adf=807048394&amp;w=728&amp;lmt=1510704228&amp;guci=1.2.0.0.2.2.0&amp;url=http%3A%2F%2Fphotoconnections.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1539821232755&amp;bpp=9&amp;fdt=1202&amp;idt=1345&amp;shv=r20181010&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=728x90&amp;correlator=6026562444358&amp;frm=20&amp;pv=1&amp;ga_vid=310338983.1539821234&amp;ga_sid=1539821234&amp;ga_hid=1927093062&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=216&amp;ady=560&amp;biw=1159&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21062570%2C21060853%2C20195144%2C828064255&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=2&amp;dtd=1373"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#6 JavaScript::Write (size: 1335, repeated: 1) - SHA256: d5035ff8e2f3ed644391136003a4eb9fec354286dc494691c7feda7aa606600e

                                        < iframe id = "google_ads_frame3"
name = "google_ads_frame3"
width = "728"
height = "15"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&amp;output=html&amp;h=15&amp;slotname=8364486744&amp;adk=3995527574&amp;adf=807048394&amp;w=728&amp;lmt=1510704228&amp;guci=1.2.0.0.2.2.0&amp;url=http%3A%2F%2Fphotoconnections.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1539821232764&amp;bpp=5&amp;fdt=1394&amp;idt=1517&amp;shv=r20181010&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=728x90&amp;prev_slotnames=8364486744&amp;correlator=6026562444358&amp;frm=20&amp;pv=1&amp;ga_vid=310338983.1539821234&amp;ga_sid=1539821234&amp;ga_hid=1927093062&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=216&amp;ady=887&amp;biw=1159&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21062570%2C21060853%2C20195144%2C828064255&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cbr%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=3&amp;dtd=1540"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    


HTTP Transactions (25)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: photoconnections.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         66.96.147.159
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Thu, 18 Oct 2018 00:07:12 GMT
Content-Length: 3221
Connection: keep-alive
Keep-Alive: timeout=30
Server: Apache
Last-Modified: Wed, 15 Nov 2017 00:03:48 GMT
Etag: "c95-55dfa3ce049d9"
Cache-Control: max-age=3600
Expires: Thu, 18 Oct 2018 01:07:12 GMT
Accept-Ranges: bytes
Age: 0


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   3221
Md5:    427201931f7402714e6561f382874ed1
Sha1:   7b349307b87a6a58634078b730dda50cff6228fc
Sha256: 12602198e17d96fd028d5ecf59c4f007feda44275d988fff1203832f05da82d6
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 18 Oct 2018 00:07:12 GMT
Expires: Thu, 18 Oct 2018 00:07:12 GMT
Cache-Control: private, max-age=3600
Etag: 12863622562313528110
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 27975
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   27975
Md5:    ae11c1748bcf2fb67097bef1e1cbd051
Sha1:   ba5621bfdb2f2245596422ca6f5d134e3ba75524
Sha256: 134f13aabf1bbabf5d42a01af68df9b19e097d7a8226b4298bb284e24cd59427
                                        
                                            GET /pagead/js/r20181010/r20180604/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 18 Oct 2018 00:07:12 GMT
Expires: Thu, 18 Oct 2018 00:07:12 GMT
Cache-Control: private, max-age=1209600
Etag: 16159507721029663624
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 74390
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   74390
Md5:    8478d1239edabb81f23600377b2c13f4
Sha1:   a63046d1567c321f33e744905667e867401adaca
Sha256: 21bd50b9a143a40a12e7924d1ef717ac69ec5f4becf985dbb83a304a83e63774
                                        
                                            GET /images/header11.jpg HTTP/1.1 
Host: photoconnections.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         66.96.147.159
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 18 Oct 2018 00:07:12 GMT
Content-Length: 86776
Connection: keep-alive
Keep-Alive: timeout=30
Server: Apache
Last-Modified: Tue, 14 Nov 2017 23:33:30 GMT
Etag: "152f8-55df9d083f068"
Cache-Control: max-age=14400
Expires: Thu, 18 Oct 2018 00:08:47 GMT
Accept-Ranges: bytes
Age: 14305


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   86776
Md5:    c0dfd8ba6603929d87cb250445f24613
Sha1:   b4a5f69988ba4cf5760a7cd06d8f66bbb7cdfbdd
Sha256: acaeea05dbc35c2eb8410ff24ec6afab75cbcc3a64e8bd74db1f2c2f2f0b880c
                                        
                                            GET /images/banner_drawing1.jpg HTTP/1.1 
Host: photoconnections.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         66.96.147.159
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 18 Oct 2018 00:07:12 GMT
Content-Length: 28473
Connection: keep-alive
Keep-Alive: timeout=30
Server: Apache
Last-Modified: Tue, 14 Nov 2017 23:33:29 GMT
Etag: "6f39-55df9d076b990"
Cache-Control: max-age=14400
Expires: Thu, 18 Oct 2018 00:08:47 GMT
Accept-Ranges: bytes
Age: 14305


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   28473
Md5:    452e09e89c64d451c3cc36e301fb66e2
Sha1:   bfed0bfe490958a47caf0e8371d20cd604d6e129
Sha256: 6ff79942cf1826419acd63b809844529026989a32ce1155ab9daf3a7066adba5
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 18 Oct 2018 00:07:13 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    9a3467654409e6aa75058822aa6ccd4a
Sha1:   66b4492a234d561dd2b66bcd04096d9039526179
Sha256: bc03fe1be7f9f79c55eb1c1b485f4d4a47d5185bf073a6654d60ed83cd99711d
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 18 Oct 2018 00:07:14 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 18 Oct 2018 00:07:14 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    8865a12f8cc4f4916e5aad942c2764d3
Sha1:   dca46d7689c09e7ffdd9bbcf60424633a084e530
Sha256: 1866d143f1a19b5a6495ef65fc5cdd98aaa267056f821ed577a7bb4da49a5b08
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 18 Oct 2018 00:07:14 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    e6f05f1e4487f833ce9a90d855b7d5c9
Sha1:   489aa3a2a64cd6f53e7db3fec68e13d81af74d8f
Sha256: 0e760b9a173c8505e93c05b3f995a65a4f4082c8f85423d2587c3a13eded6716
                                        
                                            GET /pub-config/r20160913/ca-pub-6592299222545545.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Thu, 18 Oct 2018 00:07:14 GMT
Expires: Thu, 18 Oct 2018 12:07:14 GMT
Cache-Control: public, max-age=43200
Last-Modified: Wed, 17 Oct 2018 21:35:18 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /adsid/integrator.js?domain=photoconnections.net HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Thu, 18 Oct 2018 00:07:14 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /adsid/integrator.js?domain=photoconnections.net HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Thu, 18 Oct 2018 00:07:14 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /pagead/js/r20181010/r20180604/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 11 Oct 2018 01:50:28 GMT
Expires: Thu, 25 Oct 2018 01:50:28 GMT
Etag: 1710582856480326422
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 27187
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 598606
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   27187
Md5:    1510d088fee4107303e6d39de683664c
Sha1:   418392689f71f433c8eda34d08b498da881c773d
Sha256: 48365c9a4c03215340b2884e5e916246217cb79ee5e9347431097a41c6442412
                                        
                                            GET /pagead/html/r20181010/r20180604/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 11 Oct 2018 00:19:57 GMT
Expires: Thu, 25 Oct 2018 00:19:57 GMT
Etag: 12810928231326100212
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6940
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 604037
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6940
Md5:    d777326182433d075d044edb2f090fa9
Sha1:   6b39f197a7908fff24360fe81de0d221134a3197
Sha256: c8232f61c75ebbbe71b20c2aca70b70dcb6b65a0d35509a9ada4994a41c1976b
                                        
                                            GET /pagead/ads?client=ca-pub-6592299222545545&output=html&h=15&slotname=8364486744&adk=3140632776&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232755&bpp=9&fdt=1202&idt=1345&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6026562444358&frm=20&pv=1&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=560&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=1373 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 18 Oct 2018 00:07:14 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 18-Oct-2018 00:22:14 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Expires: Thu, 18 Oct 2018 00:07:14 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   2864
Md5:    23c12d31a5a87fc7e0a0cd3d12518c17
Sha1:   6f42e79a766ca51389650113b46010feca91445c
Sha256: 04caba6d3fab6fcba0486faf24eadafd84e6f655a250962b9e5022f87ec12033
                                        
                                            GET /pagead/ads?client=ca-pub-6592299222545545&output=html&h=15&slotname=8364486744&adk=3995527574&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232764&bpp=5&fdt=1394&idt=1517&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=8364486744&correlator=6026562444358&frm=20&pv=1&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=887&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&dtd=1540 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 18 Oct 2018 00:07:14 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 18-Oct-2018 00:22:14 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Expires: Thu, 18 Oct 2018 00:07:14 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   2890
Md5:    7c17ccf34d6f1817569755317458857d
Sha1:   d51fe701d78be6ff78000bbebb0854b82135841f
Sha256: 691582daaad96ea159d4e6ad507d00bf327b576bc04e68e6d324f35b750cd28a
                                        
                                            GET /pagead/images/adchoices/icon.png HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&output=html&h=15&slotname=8364486744&adk=3140632776&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232755&bpp=9&fdt=1202&idt=1345&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6026562444358&frm=20&pv=1&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=560&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=1373
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: image/png
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 17 Oct 2018 16:50:49 GMT
Expires: Thu, 18 Oct 2018 16:50:49 GMT
Etag: 426692510519060060
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 295
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400
Age: 26185
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  PNG image, 15 x 15, 16-bit/color RGBA, non-interlaced
Size:   295
Md5:    d848a2953307aa510bdad31f5bf84671
Sha1:   e9d6d8daa9255f99e4e778ff4c4b47806bdb18c1
Sha256: 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 18 Oct 2018 00:07:14 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    34402ce7cd07fbac1d71356f67365a3d
Sha1:   64761d3f325030537278f0d27485912b91e945e0
Sha256: 9be772bedd3b4c6fed0754da13c0d7622ec598bdb3b121b52d0a91c8138f19b2
                                        
                                            GET /pagead/ads?client=ca-pub-6592299222545545&output=html&h=90&slotname=9437895268&adk=1008776544&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&format=728x90&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232735&bpp=12&fdt=18&idt=258&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&correlator=6026562444358&frm=20&pv=2&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=8&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=1120 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://photoconnections.net/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 18 Oct 2018 00:07:14 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 18-Oct-2018 00:22:14 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Expires: Thu, 18 Oct 2018 00:07:14 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   384
Md5:    a36a9ceeb6b271dd6ce435e98133ae39
Sha1:   3ce6ac73172308914a100af0198dfd8c8587296c
Sha256: a0405c625d4895c2357fa5790d9be7416e29f1e9ec78a859e4aac78f3283440c
                                        
                                            GET /pagead/js/r20181010/r20110914/activeview/osd_listener.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&output=html&h=15&slotname=8364486744&adk=3140632776&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232755&bpp=9&fdt=1202&idt=1345&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6026562444358&frm=20&pv=1&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=560&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=1373

                                         
                                         216.58.207.225
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 10 Oct 2018 14:05:54 GMT
Expires: Wed, 24 Oct 2018 14:05:54 GMT
Etag: 17625815580851182446
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 27584
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 640880
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   27584
Md5:    55041845315997adb9c5feef739ab5a2
Sha1:   8dbefabe40cc5a88b7ba7b3fe4b147e763109868
Sha256: a131e5b43fc58608d75a3c04212e29a4c02cdd506831285f2840300f87e3c85c
                                        
                                            GET /pagead/js/r20181010/r20110914/abg_lite.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&output=html&h=15&slotname=8364486744&adk=3140632776&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232755&bpp=9&fdt=1202&idt=1345&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6026562444358&frm=20&pv=1&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=560&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=1373

                                         
                                         216.58.207.225
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 10 Oct 2018 14:05:54 GMT
Expires: Wed, 24 Oct 2018 14:05:54 GMT
Etag: 1958646849341609685
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 12869
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 640880
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   12869
Md5:    369482e1c910d15b1d60d5d530e80fbc
Sha1:   f7194a45127dfa950c7ad56a23611574f68b6914
Sha256: bec5cdabde5101740504226243df61d4efa2820e1b5f71952cd305c6a701b4de
                                        
                                            GET /pcs/activeview?xai=AKAOjsvWKieT4qlMJ4TzDZVTaSxJw2GlugESE1-zrjyCz-2_Lo07-T0K4nk30JrK6mjMFhl9LPR2DDHspaSKW_LqKy6nj4TLz0KzKCGP&sig=Cg0ArKJSzGExWJovkF8oEAE&r=pv&id=osdim&uc=0&tgt=nf&cl=0&v=r20181010 HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&output=html&h=15&slotname=8364486744&adk=3140632776&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232755&bpp=9&fdt=1202&idt=1345&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6026562444358&frm=20&pv=1&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=560&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=1373

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Date: Thu, 18 Oct 2018 00:07:15 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pcs/activeview?xai=AKAOjssT1h9Pd6_PLQC9KH0npNk6fXjWgcoq6YZEdgVELmWNr8lItBI265a1X8AKGMRBS2vR2SK7omFkPzE69iSzq85020wPKjeKhjyV&sig=Cg0ArKJSzOkEhl7Muq6cEAE&r=pv&id=osdim&uc=0&tgt=nf&cl=0&v=r20181010 HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6592299222545545&output=html&h=15&slotname=8364486744&adk=3995527574&adf=807048394&w=728&lmt=1510704228&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fphotoconnections.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1539821232764&bpp=5&fdt=1394&idt=1517&shv=r20181010&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=8364486744&correlator=6026562444358&frm=20&pv=1&ga_vid=310338983.1539821234&ga_sid=1539821234&ga_hid=1927093062&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=216&ady=887&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21062570%2C21060853%2C20195144%2C828064255&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&dtd=1540

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Date: Thu, 18 Oct 2018 00:07:15 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: photoconnections.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         66.96.147.159
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Thu, 18 Oct 2018 00:07:15 GMT
Content-Length: 863
Connection: keep-alive
Keep-Alive: timeout=30
Server: Apache
Last-Modified: Wed, 02 Aug 2017 19:17:35 GMT
Accept-Ranges: bytes, bytes
Age: 0


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   863
Md5:    48b224e27fc0531334736bf30f60072a
Sha1:   095be8bd8197388323d8bb78a43718c975bae4a9
Sha256: 34c4d4a0e2ee644773bc81295d48609e40621bbc15cd04d3eec5b7d8726a320b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: photoconnections.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-
If-Range: Wed, 02 Aug 2017 19:17:35 GMT

                                         
                                         66.96.147.159
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Thu, 18 Oct 2018 00:07:15 GMT
Content-Length: 863
Connection: keep-alive
Keep-Alive: timeout=30
Server: Apache
Last-Modified: Wed, 02 Aug 2017 19:17:35 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   863
Md5:    48b224e27fc0531334736bf30f60072a
Sha1:   095be8bd8197388323d8bb78a43718c975bae4a9
Sha256: 34c4d4a0e2ee644773bc81295d48609e40621bbc15cd04d3eec5b7d8726a320b