Overview

URL go.afh32lkjwe.net
IP 52.28.43.142
ASN AS16509 Amazon.com, Inc.
Location Germany
Report completed 2017-12-07 11:16:32 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 3 reports on IP: 52.28.43.142

Date | UQ / IDS / BL | URL | IP
2017-12-07 11:18:41 +0100 | 0 - 0 - 0 | go.afh32lkjwe.net/favicon.ico | 52.28.43.142
2017-11-05 14:52:36 +0100 | 0 - 0 - 1 | go.afhkj23lkhs.xyz/traf?c=3902 | 52.28.43.142
2017-10-17 10:16:26 +0200 | 0 - 0 - 0 | go.afh78erlkj.xyz | 52.28.43.142

Last 10 reports on ASN: AS16509 Amazon.com, Inc.

Date | UQ / IDS / BL | URL | IP
2017-12-15 09:19:51 +0100 | 2 - 0 - 0 | amazon.de.wahlensieihrgluckselement.accountan (...) | 54.93.122.66
2017-12-15 09:13:56 +0100 | 0 - 1 - 0 | limdile.com/b6ddc0f2-2191-41c9-afe6-2ba001acc (...) | 54.93.159.4
2017-12-15 09:13:44 +0100 | 2 - 1 - 0 | amazon.com.bonuspointssmartphones.win/c1-v954 (...) | 54.93.122.66
2017-12-15 09:10:40 +0100 | 0 - 4 - 1 | metalinktracking.com/delivery/click.php?metalink=4 | 54.201.71.19
2017-12-15 09:07:59 +0100 | 2 - 1 - 0 | amazon.com.extrabonusgadgets.bid/c1-v954-lv-C (...) | 54.93.122.66
2017-12-15 09:01:41 +0100 | 2 - 0 - 0 | amazon.com.advancegiftgiveaways.men/c1-v954-c (...) | 54.93.122.66
2017-12-15 08:55:30 +0100 | 2 - 1 - 0 | amazon.com.seasonalrewardgiveaways.faith/c1-v (...) | 54.93.122.66
2017-12-15 08:44:07 +0100 | 2 - 1 - 0 | amazon.com.claimholidaygadgets.webcam/c1-v954 (...) | 54.93.122.66
2017-12-15 08:37:53 +0100 | 0 - 0 - 0 | ec2-54-213-190-230.us-west-2.compute.amazonaws.com | 54.213.190.230
2017-12-15 08:27:29 +0100 | 2 - 1 - 0 | amazon.com.ny-gadget-versjoner-promo.host/c1- (...) | 54.93.122.66

No other reports on domain: afh32lkjwe.net



JavaScript

Executed Scripts (10)


Executed Evals (7)

#1 JavaScript::Eval (size: 380, repeated: 1) - SHA256: d554409a92584ea44cfa4371c3cdb17bbeb4520aad32625c4283ee14c124f98a

                                        "\u3002\u300C\u300D\u3001\u30FB\u30F2\u30A1\u30A3\u30A5\u30A7\u30A9\u30E3\u30E5\u30E7\u30C3\u30FC\u30A2\u30A4\u30A6\u30A8\u30AA\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CA\u30CB\u30CC\u30CD\u30CE\u30CF\u30D2\u30D5\u30D8\u30DB\u30DE\u30DF\u30E0\u30E1\u30E2\u30E4\u30E6\u30E8\u30E9\u30EA\u30EB\u30EC\u30ED\u30EF\u30F3\u309B\u309C"
                                    

#2 JavaScript::Eval (size: 128, repeated: 1) - SHA256: a57860e57beadba16a31d8ed9ad8c1b0f954eb570964e6b7afa906f581f5b96d

                                        "\u30A6\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CF\u30D2\u30D5\u30D8\u30DB"
                                    

#3 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 49e5a3c9a690014556c38268c9a73d7b0d57e9c41dbed98b82b57760f231adc4

                                        "\u30CF\u30D2\u30D5\u30D8\u30DB"
                                    

#4 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 4ae962eaa2451ad9c4d52c042d6ea62ec6f3faf8628b5a8cc6bd64300a342543

                                        "\u30D1\u30D4\u30D7\u30DA\u30DD"
                                    

#5 JavaScript::Eval (size: 40, repeated: 1) - SHA256: ba0e98aadef8bde958800cd09d1d05cc45c3fa8c57fe9806e7cda2d53e632fff

                                        "\u30D1__\u30D4__\u30D7__\u30DA__\u30DD"
                                    

#6 JavaScript::Eval (size: 135, repeated: 1) - SHA256: 224a6aed48a221a344ea43c2fbc4d94af06935bd36416c276af1d2e4f10757b1

                                        "\u30F4__\u30AC\u30AE\u30B0\u30B2\u30B4\u30B6\u30B8\u30BA\u30BC\u30BE\u30C0\u30C2\u30C5\u30C7\u30C9_____\u30D0\u30D3\u30D6\u30D9\u30DC"
                                    

#7 JavaScript::Eval (size: 161, repeated: 1) - SHA256: 817cad2021ca194f96b28c5f9856955fc765edc888821a4e4774a18e545c009d

                                        "\u30F4____\u30AC_\u30AE_\u30B0_\u30B2_\u30B4_\u30B6_\u30B8_\u30BA_\u30BC_\u30BE_\u30C0_\u30C2__\u30C5_\u30C7_\u30C9______\u30D0__\u30D3__\u30D6__\u30D9__\u30DC"
                                    

Executed Writes (0)



HTTP Transactions (18)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: go.afh32lkjwe.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.28.43.142
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 07 Dec 2017 10:22:35 GMT
Content-Length: 154
Connection: keep-alive
Location: https://www.google.com


--- Additional Info ---
Magic:  HTML document text
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Dec 2017 10:22:35 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    553586bbead3455562d57c29bc7a3ff5
Sha1:   ec39594494254de2c33c73c5c53cb4a422a3d708
Sha256: 07dda9a155e2db4edf21f4f0af73612c1c03b834f322cd0da4f08fc855c07218
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=391103, public, no-transform, must-revalidate
Last-Modified: Mon, 4 Dec 2017 23:00:41 GMT
Expires: Mon, 11 Dec 2017 23:00:41 GMT
Date: Thu, 07 Dec 2017 10:22:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    f34e592a7b8c6407bf4d7130d27a2058
Sha1:   773f83149c758cfbe1ee34f5562dbab80f167f6a
Sha256: d6dea0b79b9602ccb5f9f6ec257eef00e024d0a1ee1a7000251905204b78a983
                                        
                                            GET / HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         209.85.233.106
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: private
Referrer-Policy: no-referrer
Location: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw
Content-Length: 269
Date: Thu, 07 Dec 2017 10:22:35 GMT
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  HTML document text
Size:   269
Md5:    f5ce3e1b48fcf05914cb0608e96249c0
Sha1:   9ed22796832102e38531f1613df6d4cf0d150f90
Sha256: c12a316e032db4736f442e4ab6fc3f6a8a886edeb1e0fecbbea23ea460861c1d
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Dec 2017 10:22:35 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    9005c25a728e1115c90ba1e65d589def
Sha1:   b67ca8347f284437f3b531034d684decbb345f24
Sha256: 5b0755f7a4b3a2566ed0548e48e79dc48777bb4a4f01a84b71bc264c719533ae
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Dec 2017 10:22:35 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 07 Dec 2017 10:22:35 GMT
Expires: -1
Cache-Control: private, max-age=0
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2017-12-07-10; expires=Sat, 06-Jan-2018 10:22:35 GMT; path=/; domain=.google.no NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL; expires=Fri, 08-Jun-2018 10:22:35 GMT; path=/; domain=.google.no; HttpOnly
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   15708
Md5:    0d52ddb66cb4e26975af11e69341e468
Sha1:   db2b40820d4b262b230fbef0fe135b8b791398e7
Sha256: d6fb75f6b3e3174177c2972b16e8c21b94f76816180e0e26ca411751f65c2121
                                        
                                            GET /textinputassistant/tia.png HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw
Cookie: 1P_JAR=2017-12-07-10; NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 258
Date: Thu, 07 Dec 2017 09:18:15 GMT
Expires: Fri, 07 Dec 2018 09:18:15 GMT
Last-Modified: Thu, 08 Dec 2016 15:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 3860
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  PNG image, 27 x 23, 8-bit/color RGB, non-interlaced
Size:   258
Md5:    201e50d8dd7a30c0a918213686ca43b7
Sha1:   6678592120e899f0d2245c8afeaf9d4a3043c41b
Sha256: c532312eea8020a0370685b222a02b11becd58cd394b509029dff5956127dd81
                                        
                                            GET /images/branding/googlelogo/1x/googlelogo_white_background_color_272x92dp.png HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw
Cookie: 1P_JAR=2017-12-07-10; NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 5482
Date: Thu, 07 Dec 2017 10:22:36 GMT
Expires: Thu, 07 Dec 2017 10:22:36 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Thu, 08 Dec 2016 01:00:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  PNG image, 272 x 92, 8-bit/color RGB, non-interlaced
Size:   5482
Md5:    b593548ac0f25135c059a0aae302ab4d
Sha1:   340e2151bb68e85fe92882f39eca3d1728d0a46c
Sha256: 44fc041cb8145b4ef97007f85bdb9abdb9a50d744e258b0c4bb01f1d196bf105
                                        
                                            GET /images/branding/product/ico/googleg_lodp.ico HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: 1P_JAR=2017-12-07-10; NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 07 Dec 2017 10:22:35 GMT
Expires: Thu, 07 Dec 2017 10:22:35 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Thu, 08 Dec 2016 01:00:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   1494
Md5:    18383378c91b40b088b91b7dd19e1d47
Sha1:   811561a24e52b8e08950771dd1a7414e66967c00
Sha256: 2624719399b42e74b0b1d4eb0ca4a2756bb7080e74cdb6eb53f446c9a78b405c
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Dec 2017 10:22:36 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    a40eeac77f23a3a2b09ce5ca161abeec
Sha1:   a52be62b97b0e3965f0624c7de9d7cf2d598349e
Sha256: 9b160e029be2699b9aa962d562720202a3f2f768d079051a97a17144997bc39c
                                        
                                            GET /xjs/_/js/k=xjs.hp.en_US.lRnqgZCbycc.O/m=sb_he,d/am=ABA/rt=j/d=1/t=zcms/rs=ACT90oGXePKUT9i1UbJxnYLlTN3GfGbolA HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw
Cookie: 1P_JAR=2017-12-07-10; NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 53457
Date: Thu, 07 Dec 2017 10:09:06 GMT
Expires: Fri, 07 Dec 2018 10:09:06 GMT
Last-Modified: Tue, 05 Dec 2017 00:29:14 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 810
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   53457
Md5:    9246d41dc454a593d49b8d84cfc2421a
Sha1:   05ade81badaa806ea24322c01bd1ed6d344f314e
Sha256: de39a1f4cf206b9f89c789a19d9b4913dd4343a3aa029a0760d107fd1857ae1b
                                        
                                            GET /images/nav_logo229.png HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw
Cookie: 1P_JAR=2017-12-07-10; NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 12263
Date: Thu, 07 Dec 2017 10:22:36 GMT
Expires: Thu, 07 Dec 2017 10:22:36 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Fri, 16 Dec 2016 12:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  PNG image, 167 x 305, 8-bit/color RGBA, non-interlaced
Size:   12263
Md5:    1b12cab0347f8728af450fe2457e79c3
Sha1:   af13a78470385e8e483c58ddc1a9c21386ea8a03
Sha256: ca858453ce21cabdf9911c6fa3291aa630df344244bc183a4d5ae9972e59f675
                                        
                                            GET /gb/images/b_8d5afc09.png HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Vary: Origin
Content-Length: 9760
Date: Mon, 04 Dec 2017 12:47:52 GMT
Expires: Tue, 04 Dec 2018 12:47:52 GMT
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 250484
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  PNG image, 161 x 273, 8-bit/color RGBA, non-interlaced
Size:   9760
Md5:    5ad0cc06381cd23bbf32d659120ee90b
Sha1:   7f78973dac6ca1280f46e232016d20156c26e913
Sha256: 1a69b7eaec79f08a9d565b7c785f02e212ededc1f641901ee78cecfba1cef60f
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Dec 2017 10:22:36 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    7bfd07024e479e572eea6faad6db4c0c
Sha1:   3c83059d5555e95783bb33fe039949c2b5f2f58a
Sha256: 649c68e6f662cc868d28714a6ca43947ca47a3a6118751c63a5ef7724b4ed62b
                                        
                                            GET /client_204?&atyp=i&biw=1176&bih=754&ei=axYpWsC7LsyL6ASUxr-wAw HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw
Cookie: 1P_JAR=2017-12-07-10; NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL

                                         
                                         209.85.233.94
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 07 Dec 2017 10:22:36 GMT
Server: gws
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2017-12-07-10; expires=Sat, 06-Jan-2018 10:22:36 GMT; path=/; domain=.google.no
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
                                        
                                            GET /generate_204 HTTP/1.1 
Host: clients1.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw
Cookie: 1P_JAR=2017-12-07-10; NID=118=V3ENk8MZIryBVGpuRorhE8XGsaPiKhKPoRteLUK1QvKhzXffpShzE-XbnwXivy8K3XoDpYqLzM_2wj_sT9tE6H1FW0j-Ggqu_ZglwZlSu9vxVwGbPaldzheOFaS06ScL

                                         
                                         216.58.211.131
HTTP/1.1 204 No Content
                                        
Content-Length: 0
Date: Thu, 07 Dec 2017 10:22:36 GMT
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
                                        
                                            GET /gb/js/sem_08cb88615f61c75cb1d39296cc472432.js HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&dcr=0&ei=axYpWqScI4u5ygX467HoAw

                                         
                                         209.85.233.94
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Length: 20674
Date: Wed, 06 Dec 2017 13:20:51 GMT
Expires: Thu, 06 Dec 2018 13:20:51 GMT
Last-Modified: Wed, 15 Nov 2017 03:45:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 75705
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   20674
Md5:    3e4cc468e2669cd35bcc41557e4f096c
Sha1:   559b9bc5d83bf9688ab8ed716f4f7da9a44c9381
Sha256: d3d2404a045935aaf935c32052cb617b4c4fc88b5ee62a70be1270591d38940f