Overview

URL quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9
IP50.19.252.69
ASNAS14618 Amazon.com, Inc.
Location United States
Report completed2017-12-18 18:08:38 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2017-12-18 18:14:47 CET 1  50.19.240.192 Client IP ETPRO CURRENT_EVENTS Microsoft Live Account Verification Phishing Landing Nov 20 2017


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 50.19.252.69

Date UQ / IDS / BL URL IP
2018-04-18 18:42:46 +0200
0 - 0 - 0 50.19.252.69 50.19.252.69
2018-04-16 22:22:08 +0200
0 - 0 - 0 wildcard.memberful.com.herokudns.com 50.19.252.69
2018-03-30 11:33:47 +0200
0 - 0 - 0 https://list.ly/list/1qhm-bellfeed-articles 50.19.252.69
2018-03-07 21:59:20 +0100
0 - 0 - 0 carousell.totemapp.com/ 50.19.252.69
2018-03-02 17:46:20 +0100
0 - 0 - 0 https://www.evanta.com/cio/summit/chicago#gov (...) 50.19.252.69
2018-03-02 09:21:49 +0100
0 - 0 - 0 httpbin.org/get?show_env=1 50.19.252.69
2018-02-09 22:51:51 +0100
0 - 0 - 0 https://emails.alignable.com/c/bD0lMkYmdT0lM0 (...) 50.19.252.69
2018-02-07 18:42:31 +0100
0 - 0 - 0 https://httpbin.org 50.19.252.69
2018-01-25 03:25:41 +0100
0 - 0 - 0 https://git.io/vN0n4 50.19.252.69
2018-01-18 18:58:10 +0100
0 - 0 - 0 dr75.webredirect.org/sect/iv6cwjbhfw59ae2de18 (...) 50.19.252.69

Last 10 reports on ASN: AS14618 Amazon.com, Inc.

Date UQ / IDS / BL URL IP
2019-01-18 15:40:26 +0100
0 - 0 - 0 email.notifications.payable.com/c/eJwVjk2KxCA (...) 52.72.166.195
2019-01-18 15:39:01 +0100
0 - 0 - 1 cloudnet2.com/208061/Media_Converter_208061.exe 50.16.239.57
2019-01-18 15:33:03 +0100
0 - 0 - 0 platform.shopmsg.me 52.72.250.2
2019-01-18 15:24:50 +0100
0 - 0 - 1 moztweak.com/downloads/bs-0216-softpublisher- (...) 54.84.55.49
2019-01-18 15:17:27 +0100
0 - 0 - 2 snowdive.top/installs/3299/db1f4cbf.exe 52.4.209.250
2019-01-18 15:16:58 +0100
0 - 0 - 1 botz.in/f/6e3f56cb8a4243035867b5a7e7fd156e.exe 52.0.7.30
2019-01-18 15:15:56 +0100
0 - 0 - 1 botz.in/f/0834d8c6ab7de0f83e4d232d6792ec81.exe 52.0.7.30
2019-01-18 15:13:33 +0100
0 - 0 - 1 botz.in/f/7522b64695ab881eaad7bfa0e3194fd3.exe 52.0.7.30
2019-01-18 15:13:32 +0100
0 - 0 - 1 botz.in/f/1d3b787a0281d2638fa95279dc7d875a.exe 52.0.7.30
2019-01-18 15:13:03 +0100
0 - 0 - 1 botz.in/f/253355544af8e1814601d802a98ecbe8.exe 52.0.7.30

Last 1 reports on domain: quav.webredirect.org

Date UQ / IDS / BL URL IP
2017-12-20 07:34:22 +0100
0 - 0 - 1 quav.webredirect.org/sect/ams65thqh55a0011758 (...) 174.129.214.98


JavaScript

Executed Scripts (3)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (17)


Request Response
                                        
                                            GET /sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9 HTTP/1.1 
Host: quav.webredirect.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         50.19.240.192
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Connection: keep-alive
Date: Mon, 18 Dec 2017 17:14:41 GMT
Server: Apache
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6IllXXC94dVZaM3JLQ1RuaDlqdFR4dEh3PT0iLCJ2YWx1ZSI6Ik1zekR0ZGdpYWc4bWNyaEN0XC8xVW91MVVrT1ErZm5FMCsrSStNV2V6V2RHRnNuQkxPN2JyT2JqYjFzSnVmek5sZCtTWnU1bzJzTUlPUTlmUTBNbFhUdz09IiwibWFjIjoiMWJmMDQzOTdkMzUyMzdjOWUzYTAwODZjODk4YzY5YTczZDcxZTY5MzY2MDFkY2NmNTYwNGFhN2M1NmMxYjQ4NiJ9; expires=Mon, 18-Dec-2017 19:14:41 GMT; Max-Age=7200; path=/; httponly
Transfer-Encoding: chunked
Via: 1.1 vegur


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   6927
Md5:    90ac03d0680fd2372e73ab38fa74ba36
Sha1:   61a52f7efb308ec19aeac5f9016685db4396a96f
Sha256: 2cf32ce8eb4fd6253faf68c087eba503c3bc1836f68af8b9f088528afa0f0db0

Alerts:
  IDS:
    - ETPRO CURRENT_EVENTS Microsoft Live Account Verification Phishing Landing Nov 20 2017
                                        
                                            GET /css?family=Lato:100 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         64.233.162.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 18 Dec 2017 17:14:41 GMT
Date: Mon, 18 Dec 2017 17:14:41 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   188
Md5:    117d413af1bd126d11dc8b7854ad4146
Sha1:   30f7884c2fb38f9a4e6640e41702a932c47cecdb
Sha256: 9a394a4d12cb527b1600a87ac2165e9a8f5191699c00d360ebdef34322c3db9a
                                        
                                            GET /css?family=Roboto:300 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         64.233.162.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 18 Dec 2017 17:14:41 GMT
Date: Mon, 18 Dec 2017 17:14:41 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   205
Md5:    2b3f6e3bce158bd66a85f2f4e9e02148
Sha1:   b8fdaec29523557abbc0af07b421854ed9a10ffb
Sha256: e406ed0877ac3453f920c5dfaf3d6d1cbbf08954656a07fd93d2b46ff1857168
                                        
                                            POST / HTTP/1.1 
Host: ocsp.msocsp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         104.17.176.200
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 18 Dec 2017 17:14:41 GMT
Content-Length: 1831
Connection: keep-alive
Set-Cookie: __cfduid=d401b62bf7df5189ecdceab03aefb43831513617281; expires=Tue, 18-Dec-18 17:14:41 GMT; path=/; domain=.msocsp.com; HttpOnly
Last-Modified: Mon, 18 Dec 2017 12:55:57 GMT
Expires: Fri, 22 Dec 2017 12:55:57 GMT
Etag: "6f22ba4853f518088b31e266a4dbae3e20b4d3c5"
Cache-Control: max-age=10800,public,no-transform,must-revalidate
X-Cache: HIT
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3cf3c288c618426d-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    5e4143f871cd6c38388deffa24471d93
Sha1:   6f22ba4853f518088b31e266a4dbae3e20b4d3c5
Sha256: 5d7b36b91457cd66e93efc4c3311b188482f341beb742a0e52f4a44a0f8b7152
                                        
                                            GET /16.000.27486.00/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         23.223.31.172
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:15 GMT
Accept-Ranges: bytes
Etag: "809f9ecd71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1C004 V: 0
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=350512
Date: Mon, 18 Dec 2017 17:14:41 GMT
Content-Length: 1435
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1435
Md5:    1ea9a5ae0b2025e472d0afb30ef385af
Sha1:   0fe07bae4a2d10d4a5bc356d6baa8f851fbf4143
Sha256: 72fc9e1cc2a27060a4288017d1921368289ba55ee5f1c79f6dd4bef7bf3b7e8c
                                        
                                            GET /16.000.27486.00/images/picker_account_msa.svg?x=2d8f86059be176833897099ee6ddedeb HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         23.223.31.172
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:16 GMT
Accept-Ranges: bytes
Etag: "03637ce71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1C004 V: 0
Access-Control-Allow-Origin: *
Content-Length: 379
Cache-Control: max-age=210023
Date: Mon, 18 Dec 2017 17:14:41 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   379
Md5:    2d8f86059be176833897099ee6ddedeb
Sha1:   93a2e327027deed53076e86bfa7d9eebbf0cc4b9
Sha256: 34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Mon, 18 Dec 2017 17:14:41 GMT
Etag: "5a379939-1d7"
Expires: Wed, 20 Dec 2017 17:14:41 GMT
Last-Modified: Mon, 18 Dec 2017 10:32:25 GMT
Server: ECS (arn/46A2)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    94ead2e9e1f00c644ddc50922ac7cb6a
Sha1:   95d8cf8f0aaec3e52ebe8251fa22e97fc3ac0730
Sha256: 3311d09855f1b8819719ef9e10fecacbdd5107b320e443bb4a846f5f13d9d7bf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Mon, 18 Dec 2017 17:14:41 GMT
Etag: "5a37a86a-1d7"
Expires: Wed, 20 Dec 2017 17:14:41 GMT
Last-Modified: Mon, 18 Dec 2017 11:37:14 GMT
Server: ECS (arn/46D1)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c12a8d2b31987e256057875747caf9a5
Sha1:   eca7db2a1acf9a3294c5f7c8195a7f5bb330fdc9
Sha256: ecc0e7acd134664d23ef5be635597539c35b4b0ebd5965dc9c5b3c28ea910872
                                        
                                            GET /assets/general/normalize.css HTTP/1.1 
Host: stark-depths-34094.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         54.243.204.100
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: keep-alive
Date: Mon, 18 Dec 2017 17:14:41 GMT
Server: Apache
Last-Modified: Wed, 15 Nov 2017 12:19:50 GMT
Etag: "1e76-55e0485218580"
Accept-Ranges: bytes
Content-Length: 7798
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII C program text
Size:   7798
Md5:    7caceed677229c6cc84aa3f4754ff3a4
Sha1:   02fe53286d071637534d5aa2c57c76c168c0d521
Sha256: 0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf
                                        
                                            GET /assets/outlook/css.css HTTP/1.1 
Host: stark-depths-34094.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         54.243.204.100
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: keep-alive
Date: Mon, 18 Dec 2017 17:14:41 GMT
Server: Apache
Last-Modified: Wed, 15 Nov 2017 12:19:50 GMT
Etag: "f3-55e0485218580"
Accept-Ranges: bytes
Content-Length: 243
Via: 1.1 vegur


--- Additional Info ---
Magic:  troff or preprocessor input text
Size:   243
Md5:    1b072db5ecd719a790f5a99facbe5e7b
Sha1:   15dfdb0769f7ec100e3067c1bd13d649f4e10378
Sha256: 1463d517f86a5027f0ebe745d551757e76e20e075578d1b23f84c73e8f9954e2
                                        
                                            GET /assets/general/uiexchange.js HTTP/1.1 
Host: stark-depths-34094.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         54.243.204.100
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Date: Mon, 18 Dec 2017 17:14:41 GMT
Server: Apache
Last-Modified: Wed, 15 Nov 2017 12:19:50 GMT
Etag: "3430-55e0485218580"
Accept-Ranges: bytes
Content-Length: 13360
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   13360
Md5:    4ff108e4584780dce15d610c142c3e62
Sha1:   77e4519962e2f6a9fc93342137dbb31c33b76b04
Sha256: fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
                                        
                                            GET /assets/general/jquery.js HTTP/1.1 
Host: stark-depths-34094.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         54.243.204.100
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Date: Mon, 18 Dec 2017 17:14:41 GMT
Server: Apache
Last-Modified: Wed, 15 Nov 2017 12:19:50 GMT
Etag: "14a8d-55e0485218580"
Accept-Ranges: bytes
Content-Length: 84621
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   84621
Md5:    8dc163c822c3bfa264f8a282be2c6ef5
Sha1:   5aafe51a3edd9e685f3cdf2c953c884bb365f49b
Sha256: a294fb8bca0e3cd0eb2e1b0cb2c7dbb9c939098c8ef8ba572e16e6d7a6752814
                                        
                                            GET /assets/general/foundation.css HTTP/1.1 
Host: stark-depths-34094.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         54.243.204.100
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: keep-alive
Date: Mon, 18 Dec 2017 17:14:41 GMT
Server: Apache
Last-Modified: Wed, 15 Nov 2017 12:19:50 GMT
Etag: "2db82-55e0485218580"
Accept-Ranges: bytes
Content-Length: 187266
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   187266
Md5:    510c3f64837b2109c01c215da59b2294
Sha1:   51e64d0e13bdf55d0ae5faaaed6f1fd925e971f8
Sha256: 383092b23d8ac142552cc4d56ea71719a2e80e21e72e66aff02f861757a28c3f
                                        
                                            GET /16.000.27486.00/images/picker_account_msa.svg?x=2d8f86059be176833897099ee6ddedeb HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9
Range: bytes=0-
If-Range: "03637ce71d31:0"

                                         
                                         23.223.31.172
HTTP/1.1 206 Partial Content
Content-Type: image/svg+xml
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:16 GMT
Accept-Ranges: bytes
Etag: "03637ce71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1C004 V: 0
Access-Control-Allow-Origin: *
Cache-Control: max-age=210022
Date: Mon, 18 Dec 2017 17:14:42 GMT
Content-Range: bytes 0-378/379
Content-Length: 379
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   379
Md5:    2d8f86059be176833897099ee6ddedeb
Sha1:   93a2e327027deed53076e86bfa7d9eebbf0cc4b9
Sha256: 34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
                                        
                                            GET /s/roboto/v18/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Roboto:300
Origin: http://quav.webredirect.org

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19916
Date: Sun, 10 Dec 2017 18:45:01 GMT
Expires: Mon, 10 Dec 2018 18:45:01 GMT
Last-Modified: Mon, 16 Oct 2017 17:32:42 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 685781


--- Additional Info ---
Magic:  data
Size:   19916
Md5:    a1471d1d6431c893582a5f6a250db3f9
Sha1:   ff5673d89e6c2893d24c87bc9786c632290e150e
Sha256: 3ab30e780c8b0bcc4998b838a5b30c3bfe28edead312906dc3c12271fae0699a
                                        
                                            GET /16.000.27486.00/images/Backgrounds/0.jpg?x=f5a9a9531b8f4bcc86eabb19472d15d5 HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://quav.webredirect.org/sect/ams65thqh55a00117584eb0/5a37d4a85dfd6/bWVwcGVyc29uQHJ5ZGV4aW52ZXN0bWVudHMuY29t?forced=1&tg=b2ZmaWNlb2ZmaWNpYWwy&s=ZXlKcGRpSTZJa1pJYTFBd1ozRTJWVEJ0Y0haaVkxZ3haRmR2VjNjOVBTSXNJblpoYkhWbElqb2lYQzgwZUhGelNWWkxlR1o0YkdWSFdqQXJWRmxqUWpGVlEwWmhPVU51TkRVM2NHdDBablpwYmxkdFkxcHlWM29yVTNsUVVXbFRTR1ZvY0U1amVrUnZhRkp5VldaY0wxd3ZXRTVjTDNwWFhDOVVXRmt4ZDJOWU5XMW9kVkJ1Vm5oc05XbzNhazFPUW1sb2EzSXdPRmRoTWpGRGIzWTJPRVZtYlZsMlZYYzVWMHcwWEM5MFYzRTFaMnMxTldwY0wySnVTbTlXZEZOb1JXZFVaa0l4VUhCMmRFSjFUVlJsYlZCTFEwMU5ZVnBhT0hobWJ6MGlMQ0p0WVdNaU9pSmxOR0k0WXprM1ltVXlOMlF3Wm1Ga09UbGlOVFJpTUdZeE5tRXhZVFkxWXpObE4yRTBNVGxtWXpZelpqSTJaamRpWVRGaE1tTTVNamhtWkRJM1l6ZzJJbjA9

                                         
                                         23.223.31.172
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:15 GMT
Accept-Ranges: bytes
Etag: "809f9ecd71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1C004 V: 0
Access-Control-Allow-Origin: *
Content-Length: 298105
Cache-Control: max-age=147268
Date: Mon, 18 Dec 2017 17:14:42 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   298105
Md5:    f5a9a9531b8f4bcc86eabb19472d15d5
Sha1:   0aac0b09708622c679768aa62b11d95f0e8388de
Sha256: 62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: quav.webredirect.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: laravel_session=eyJpdiI6IllXXC94dVZaM3JLQ1RuaDlqdFR4dEh3PT0iLCJ2YWx1ZSI6Ik1zekR0ZGdpYWc4bWNyaEN0XC8xVW91MVVrT1ErZm5FMCsrSStNV2V6V2RHRnNuQkxPN2JyT2JqYjFzSnVmek5sZCtTWnU1bzJzTUlPUTlmUTBNbFhUdz09IiwibWFjIjoiMWJmMDQzOTdkMzUyMzdjOWUzYTAwODZjODk4YzY5YTczZDcxZTY5MzY2MDFkY2NmNTYwNGFhN2M1NmMxYjQ4NiJ9

                                         
                                         50.19.240.192
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Connection: keep-alive
Date: Mon, 18 Dec 2017 17:14:42 GMT
Server: Apache
Last-Modified: Fri, 20 Oct 2017 16:07:56 GMT
Etag: "0-55bfcad018f00"
Accept-Ranges: bytes
Content-Length: 0
Via: 1.1 vegur


--- Additional Info ---