Overview

URL https://afff.site/?a=3658
IP 34.254.128.141
ASN AS22717 Halliburton Company
Location United States
Report completed 2019-02-24 01:12:37 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified | Severity | Host | Comment
2019-02-24 | 2 | win.stack-prizes01.com/proc.php?04e9e0efafacf65e62f5478033d948efeeb784c9 | Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 34.254.128.141

Date | UQ / IDS / BL | URL | IP
2019-03-21 12:40:31 +0100 | 0 - 0 - 1 | askdots.com/ | 34.254.128.141
2019-02-28 19:23:52 +0100 | 0 - 0 - 0 | cooffr.com/?a=3421&c=19366&s1=&s2=5e414004-c7 (...) | 34.254.128.141

Last 10 reports on ASN: AS22717 Halliburton Company

Date | UQ / IDS / BL | URL | IP
2019-06-25 02:56:59 +0200 | 0 - 3 - 0 | lxp.klp.pw | 34.253.21.225
2019-06-19 09:51:49 +0200 | 0 - 0 - 1 | www.limalin-setu.com/+++jM_/UonI/-+-+-+-%20/s (...) | 34.253.36.147
2019-06-10 20:23:51 +0200 | 0 - 0 - 1 | amazonida.jp/pjj | 34.254.1.203
2019-06-10 20:23:51 +0200 | 0 - 0 - 1 | amazonida.jp/it | 34.254.1.203
2019-06-10 20:23:48 +0200 | 0 - 0 - 1 | amazonida.jp/6m74g | 34.254.1.203
2019-06-10 14:55:37 +0200 | 0 - 0 - 1 | icloud.jp-server.jp/index.html | 34.254.1.203
2019-06-10 14:55:36 +0200 | 0 - 0 - 1 | icloud.jp-server.jp/windows | 34.254.1.203
2019-06-10 14:55:35 +0200 | 0 - 0 - 1 | icloud.jp-server.jp/fzz | 34.254.1.203
2019-06-10 14:55:35 +0200 | 0 - 0 - 1 | icloud.jp-server.jp/tnn | 34.254.1.203
2019-06-10 14:55:34 +0200 | 0 - 0 - 1 | icloud.jp-server.jp/jdd | 34.254.1.203

Last 3 reports on domain: afff.site

Date | UQ / IDS / BL | URL | IP
2019-02-25 07:10:26 +0100 | 0 - 0 - 1 | https://afff.site/?a=3658 | 52.211.183.132
2018-08-16 05:59:28 +0200 | 0 - 0 - 1 | https://afff.site/?a=4740 | 34.247.60.17
2018-07-27 11:39:48 +0200 | 0 - 0 - 1 | c.afff.site/ | 34.253.248.63


JavaScript

Executed Scripts (48)


Executed Evals (0)


Executed Writes (5)

#1 JavaScript::Write (size: 2, repeated: 1) - SHA256: c59dc4e44ff99288156d4dff2168f6ac7ddee6b1fc7ccc0754656ffaa6d351ea

                                        +1
                                    

#2 JavaScript::Write (size: 13, repeated: 2) - SHA256: e5e82e7883e0b3cb35f5ec2d0d2f5f66e343edcd81eb2cf11eb5612fd1e4fdb2

                                        77.40.129.123
                                    

#3 JavaScript::Write (size: 10, repeated: 2) - SHA256: 9e2abf1f47faabbc6d077205a39501466ec09e2f53a6e404ad85546f9d182ca9

                                        PC Cleanup
                                    

#4 JavaScript::Write (size: 33, repeated: 1) - SHA256: ad038294af99c10bbab93408468b5390a032fa441fdeaae479db586866063fa1

                                        Sunday, February 24, 2019 1: 12 AM
                                    

#5 JavaScript::Write (size: 9, repeated: 32) - SHA256: eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c

                                        undefined
                                    


HTTP Transactions (31)


Request Response
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 24 Feb 2019 00:12:04 GMT
Content-Length: 1517
Connection: keep-alive
Set-Cookie: __cfduid=de8d41b2dd432b14433a0c45ed9131a0a1550967124; expires=Mon, 24-Feb-20 00:12:04 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Sat, 23 Feb 2019 22:45:26 GMT
Expires: Wed, 27 Feb 2019 22:45:26 GMT
Etag: "c2ec8e4b7715d3a90d80dfd1d5be9c3f0711c885"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4addb7f03f4342c1-OSL


--- Additional Info ---
Magic:  data
Size:   1517
Md5:    c43093281713d1097082e7723ad67412
Sha1:   c2ec8e4b7715d3a90d80dfd1d5be9c3f0711c885
Sha256: a94bf84f8a4e5cde7e84048c0ad9e243956dfb005b5aab1ab2db4c8bbd438fff
                                        
                                            GET /?a=3658 HTTP/1.1 
Host: afff.site
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.214.2.140
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Content-Length: 237
Date: Sun, 24 Feb 2019 00:12:04 GMT
Location: http://win.stack-prizes01.com/?utm_medium=0f9976f518c19bbfd969893fd3105db2fa2af9bb&utm_campaign=FB-G-NORS&1=3658
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=JSjUGi2O3XXVfQVNh6MuNTL+QbzxPCrM1/3W8p0h5Q/0IDOW1HPxNg==; domain=.afff.site; path=/; HttpOnly trk=YWDd9B76PSbcq6KJxPTwpzL+QbzxPCrM1/3W8p0h5Q/0IDOW1HPxNg==; domain=.afff.site; expires=Sat, 24-Feb-2024 07:12:04 GMT; path=/; HttpOnly
Connection: close


--- Additional Info ---
Magic:  HTML document text
Size:   237
Md5:    2d89b296707d6150e414899cfd286bf8
Sha1:   692e56d7340a4c790b3eb1926062267a19a0ae75
Sha256: 5ff6e9c96025eab9f973d02172f80bce867d3e46c0266843eff7bc8bb83b7a27
                                        
                                            GET /?utm_medium=0f9976f518c19bbfd969893fd3105db2fa2af9bb&utm_campaign=FB-G-NORS&1=3658 HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         198.143.165.219
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=e61bed37833682cb605621370b1d119d; expires=Mon, 24-Feb-2020 00:12:05 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2323
Md5:    a8210b45093ed4c996b6dd60e105de5c
Sha1:   b9013dbc6764549721335420e3209547338d5781
Sha256: f41f4e8f2069f8bc051138427f6635ca8b68c3077526c8f410d3deff6cc16b5f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u=e61bed37833682cb605621370b1d119d

                                         
                                         198.143.165.219
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:06 GMT
Content-Length: 1150
Last-Modified: Wed, 04 Oct 2017 19:16:17 GMT
Connection: keep-alive
Etag: "59d53381-47e"
Expires: Mon, 25 Feb 2019 00:12:06 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    91abe01116ab422c598e9c8af72cf4da
Sha1:   0f2815fe8e067d48537ad168225ab4674271fa27
Sha256: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
                                        
                                            GET /?utm_term=6661353079062921635&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab9bb82b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafccdc2c6c0c1c2c1c1f5fafbf8f9fefdfefdf2f3a1f9f6fff4f5b5 HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_medium=0f9976f518c19bbfd969893fd3105db2fa2af9bb&utm_campaign=FB-G-NORS&1=3658
Cookie: u=e61bed37833682cb605621370b1d119d

                                         
                                         198.143.165.219
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1729
Md5:    6d4c7529487170927d204c99f1ef08d3
Sha1:   a29caf1f427b715df846561d0f0fb0bf930bbcf9
Sha256: 116a2b4c123a4c1beae35fd7fa4598f0891c2d63c217196a35d923578ef0fc3c
                                        
                                            GET /proc.php?04e9e0efafacf65e62f5478033d948efeeb784c9 HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6661353079062921635&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab9bb82b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafccdc2c6c0c1c2c1c1f5fafbf8f9fefdfefdf2f3a1f9f6fff4f5b5
Cookie: u=e61bed37833682cb605621370b1d119d

                                         
                                         198.143.165.219
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tracking.marketing/e7acd77b-6484-4010-bef0-64552b7907f1?partner_id=672&pid=672-12232ce4&payout=[[amount]]&clickid=6661353079062921635


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Feb 2019 21:07:48 GMT
Etag: 9C720518C7BD04260B84239F36E4434C5CC68C6B
X-OCSP-Responder-ID: mcdpcaocsp7
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=74717
Expires: Sun, 24 Feb 2019 20:57:23 GMT
Date: Sun, 24 Feb 2019 00:12:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7ca811cfa7d99329d80fde12a7b169db
Sha1:   9c720518c7bd04260b84239f36e4434c5cc68c6b
Sha256: b780fc1eb4a9ae57aa80840c012ff228f54b3e264b175b441683e7534f65c496
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Fri, 22 Feb 2019 22:59:25 GMT
Etag: 9300433B9554A5E7B412151762A296009D0050E9
X-OCSP-Responder-ID: mcdpcaocsp7
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=513463
Expires: Fri, 01 Mar 2019 22:49:49 GMT
Date: Sun, 24 Feb 2019 00:12:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    5df2654bc18ddd052f6300befb1de450
Sha1:   9300433b9554a5e7b412151762a296009d0050e9
Sha256: 1cd914f45fad402a2f7aea485cafdea0362717c28b257ea661ec03c4572e1ec1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Fri, 22 Feb 2019 22:59:25 GMT
Etag: 4F0462C594D0084F9667697900A631B04982F2FB
X-OCSP-Responder-ID: mcdpcaocsp3
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=513404
Expires: Fri, 01 Mar 2019 22:48:50 GMT
Date: Sun, 24 Feb 2019 00:12:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    52a520e3dce2e211b8e7130845e0c69d
Sha1:   4f0462c594d0084f9667697900a631b04982f2fb
Sha256: 09048a1d352e795ebded4412bcff4734c900484a71d6f3564631d2bffa206d96
                                        
                                            GET /e7acd77b-6484-4010-bef0-64552b7907f1?partner_id=672&pid=672-12232ce4&payout=[[amount]]&clickid=6661353079062921635 HTTP/1.1 
Host: tracking.marketing
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6661353079062921635&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab9bb82b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafccdc2c6c0c1c2c1c1f5fafbf8f9fefdfefdf2f3a1f9f6fff4f5b5

                                         
                                         18.184.38.55
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635
Pragma: no-cache
Set-Cookie: e7acd77b-6484-4010-bef0-64552b7907f1-v4=e7acd77b-6484-4010-bef0-64552b7907f1;domain=tracking.marketing;path=/;HttpOnly cep-v4=zhqweK_pSpIu6MH6mTv-PkoWe_RUNNl6h6nvrzy2Ajpo-ACdrjF1msCB5hmtNXMmedqnEX-TPJvtXBKNph8ywWsRlE3N8SowTG4iE5LzaOoAkPj8D03S-19k7l0m2Ob-nU_zxjk6Hd_sql7uy5AOU-5RWbt9RvpHAvJ5FCgCemcvTPZ9IMSCzKgSUu_pOC3d-xzYuh1Vs0AI5XzN78IT460H5yi4QH3Jos7x6b_sJAFaK9tu21QKv5lMDpB5SkIFXs-bglu71pqACf9-SXTqjw;Max-Age=86400;Expires=Mon, 25-Feb-2019 00:12:07 GMT;domain=tracking.marketing;path=/;HttpOnly


--- Additional Info ---
                                        
                                            GET /tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635 HTTP/1.1 
Host: www.microsoft.com-repair-windows.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6661353079062921635&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab9bb82b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafccdc2c6c0c1c2c1c1f5fafbf8f9fefdfefdf2f3a1f9f6fff4f5b5

                                         
                                         52.29.39.28
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: no-store, no-cache, private, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 0
Content-Length: 3292
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 24 Feb 2019 00:12:07 GMT
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3292
Md5:    9a44ed3729bc7d636b6c3fc63debfd9c
Sha1:   fe34e68f34df252cc94a526bbed464662a6e9f6a
Sha256: f04806c01e7e7a4a5554bb8d018c2a0356bf71fe0a51e8fe43313dee66a203f8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Feb 2019 15:43:12 GMT
Etag: 44D314789A5A521BF72783F038E1FFADF087B79A
X-OCSP-Responder-ID: mcdpcaocsp3
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=55312
Expires: Sun, 24 Feb 2019 15:33:59 GMT
Date: Sun, 24 Feb 2019 00:12:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0fff76181e1f25fc3c58787cd51fb3d2
Sha1:   44d314789a5a521bf72783f038e1ffadf087b79a
Sha256: 24575006a2bd3c4c207a3d30ab4d16dfbe8e73c07f7191321a9df11b67dd920e
                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
                                         205.185.208.52
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sun, 24 Feb 2019 00:12:07 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 30288
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
Etag: W/"5a637bd4-1538f"
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1550967127.dop007.sk1.t,1550967127.cds055.sk1.shn,1550967127.dop007.sk1.t,1550967127.cds008.sk1.c


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   30288
Md5:    d549b312f7a7d228b4ec229a6547dfdc
Sha1:   0766794582ad530ec0f8c2595f741086afffa312
Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
                                        
                                            GET /wintonic/language-version-1.js HTTP/1.1 
Host: pc.ourcdn.club
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
                                         94.254.0.211
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:37 GMT
Etag: W/"208002f-286-579291d6784dc"
Vary: Accept-Encoding
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Content-Encoding: gzip
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   212
Md5:    99aa3dc2bd39f45a7472c0a6973af2b0
Sha1:   1f8425f4af9d58b4a49d6dd79144e52c1ced1daf
Sha256: 771daba88988e9a490f757727de19bc9f650be684715b76c272d2209d4ab6813
                                        
                                            GET /wintonic/main.css HTTP/1.1 
Host: pc.ourcdn.club
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
                                         94.254.0.211
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:38 GMT
Etag: W/"2080033-312a-579291d7c7437"
Vary: Accept-Encoding
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Content-Encoding: gzip
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2466
Md5:    7427e7a218949ed8218d57dcdcb24bb6
Sha1:   a5aae4db265e649c1870799f0cfd448e845debd9
Sha256: 0cc321363ea5079dacf46d74881327bf2a35a18a9e40c5ee06c7f69e5c2b7ac0
                                        
                                            GET /wintonic/icon_saf.png HTTP/1.1 
Host: pc.ourcdn.club
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
                                         94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 487
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:37 GMT
Etag: "208002d-1e7-579291d60223e"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  PNG image, 41 x 27, 8-bit colormap, non-interlaced
Size:   487
Md5:    49d5ea266773725cab19e0eb03ca4936
Sha1:   b4f649a30acac282306f1dff23323be70d72ef35
Sha256: 36f016b0cf55a9ec191762f78060fd203ee96aff86407e0612982f09a3b2faee
                                        
                                            GET /wintonic/arrow_animation.gif HTTP/1.1 
Host: pc.ourcdn.club
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
                                         94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 7944
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:36 GMT
Etag: "2080028-1f08-579291d5237c1"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  GIF image data, version 89a, 52 x 81
Size:   7944
Md5:    191a79ed3fd7888397607c5c11d01c0a
Sha1:   42b787651fb505f62baa7bf1b6c3799a83545f01
Sha256: 5b51195b8674efdfbf920a779f9eb0ab2761a44c1d634ac7fb5bb0a19800aaa5
                                        
GET /wintonic/language-set.js HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Oct 2018 11:12:28 GMT
Etag: W/"208002e-13e0a-5795c24ff6702"
Vary: Accept-Encoding
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Content-Encoding: gzip
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   24138
Md5:    955c152fdf7f07783bb010d86c59367d
Sha1:   d63eb6442bc7266ee4fc775e95fffb08879c5b3a
Sha256: 60ca343beb133bf12b2e0766f4ba6eec87f2a50eea2ad5cbe183c7d698e6a7c7
                                        
GET /wintonic/script.js HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Feb 2019 14:37:30 GMT
Etag: W/"208000d-8e6-582402e5d7c8f"
Vary: Accept-Encoding
X-Age: 120781
X-Cache: HIT
X-Storage: 579691579:8001
Content-Encoding: gzip
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   963
Md5:    b47a1b2578ed3646af69cb6dac444874
Sha1:   b670545368779264c90cfb28d5eff8098d0e9c30
Sha256: 6d6283e9daeae46a375f3ffd13b53906964987dd60bbc3304e9dd30c7f10545d
                                        
GET /wintonic/main.js HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:38 GMT
Etag: W/"2080032-332-579291d793818"
Vary: Accept-Encoding
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Content-Encoding: gzip
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   423
Md5:    24249f8bcf2cde002d80fe93d4b4e33f
Sha1:   c3bcfbf3eaf160c72ba5e26072b798622b2d4218
Sha256: b33342184a4144204fe1dfd6e2487e572e1c437b83d210725c416883233e6317
                                        
GET /wintonic/arrow_animation2.gif HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 7948
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:35 GMT
Etag: "2080027-1f0c-579291d4f8842"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  GIF image data, version 89a, 52 x 81
Size:   7948
Md5:    349b50e16935b94e57e41057242b027e
Sha1:   605040917d46275c90e32a4d8b8012a4f4f5fc0c
Sha256: 3daba949a682d184ffb892cd8b1a1ce4e4e9b13cb8d8e70334110a3c62a142cd
                                        
GET /wintonic/windows_warning.png HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 3766
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:41 GMT
Etag: "2080036-eb6-579291d9d9890"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  PNG image, 104 x 100, 8-bit/color RGBA, non-interlaced
Size:   3766
Md5:    9c18b5b03e84cff76a11af8b38675412
Sha1:   264aaf0c3402af05c05da515647f4820bd010262
Sha256: 5b668e040f2a37da85988289b1ffab9689e1040261fd5ec83c75e2083ec225f0
                                        
GET /wintonic/moment-with-locales.min.js HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:42 GMT
Etag: W/"2080034-51e22-579291db6fc8a"
Vary: Accept-Encoding
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Content-Encoding: gzip
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   68191
Md5:    596d15e479c326934d94647d9124e7d9
Sha1:   c3474258724266af350dffde825ec737e86217f2
Sha256: c33b668e9f4f9962f3b96a701d25ccb005e039cf669228dc07fcef13f2d558ff
                                        
GET /wintonic/header-bar3.png HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 7774
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:36 GMT
Etag: "208002c-1e5e-579291d5eab3f"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  PNG image, 2457 x 179, 8-bit colormap, non-interlaced
Size:   7774
Md5:    f70354c70bb1a712be321ad68f3af4c6
Sha1:   8a7f3e71d159b0addc52f76815ab6a27e13c8852
Sha256: 7aaa3cf934609efcc6c49030df4cfed6e05b3bd57efbb082418b268aed8e3407
                                        
GET /wintonic/tick.png HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 381
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:39 GMT
Etag: "2080035-17d-579291d84b195"
X-Age: 71467
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   381
Md5:    1ef4e0a8e19946d2d73c44a63d4e4160
Sha1:   8ede6ac3d58691d4bf744529915a3eae5308662c
Sha256: 562b29e08c7d623d3604b9fce91a6715c5f3d14ce62fee4e3c806b72528402ce
                                        
GET /wintonic/loading.gif HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 14005
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:38 GMT
Etag: "2080030-36b5-579291d730dfa"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  GIF image data, version 89a, 128 x 128
Size:   14005
Md5:    865b37c9ff3d6043d7f7ad85240cb8b6
Sha1:   dbb90ceb0b04b01a8ecb2935086db761d8362718
Sha256: 2ab649297ad5fe176d49bd95696774b8f19ba88b91f82137e15c3f73a1289581
                                        
GET /wintonic/dreq.png HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 720
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:36 GMT
Etag: "208002b-2d0-579291d5a55e0"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  PNG image, 64 x 64, 8-bit colormap, non-interlaced
Size:   720
Md5:    3d8d18b36d9ee4ed1bd7afc26ed6fa15
Sha1:   4363e22249e9343a20d061e2539ae5b09f168e08
Sha256: b62f1a81bfc0d281c853d7d1169c8866e33b58c7a990734cb6d6d91b2dbaf49a
                                        
GET /wintonic/cross.png HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 344
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:36 GMT
Etag: "2080029-158-579291d550681"
X-Age: 71471
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   344
Md5:    7d7f814263c715b2ee3751e2c6d371f0
Sha1:   33e7891bc6da95011d8e82196fc69ae8be920bb1
Sha256: 9b1192a77adc835c1665f249fd08384d10a447271925e6d81fcdc8fdfba7771e
                                        
GET /wintonic/decal.png HTTP/1.1
Host: pc.ourcdn.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.microsoft.com-repair-windows.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=wS5DTAIlK0F2WCBKcIzRazs7OPkilNnuE0cTDsvyClAss2xsxgIpZR_bB2ZKo2EqbwD0JdQxGMix-_JSTFd8D-gYLKfGHOCKCbELMKVfS_qHcpzaJkQj2-cQFnnywTmnm-5E0MY0jUd-RvFhz-HnadsRIHONcQkOvqrOhzOm5eimrIYFhpLoH-k1k7wf0jbcpwxNATJqJhb4Tc2XcK1qU_j8Pi5v8LuFRZCUaNf9gfu2woaZpTzz5oCQEDjXxKGOwJidnfAifrVokkbBwqygGg&partner_id=672&pid=672-12232ce4&payout=%5B%5Bamount%5D%5D&clickid=6661353079062921635

                                         
94.254.0.211
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 24 Feb 2019 00:12:07 GMT
Content-Length: 112
Connection: keep-alive
Last-Modified: Fri, 26 Oct 2018 22:19:36 GMT
Etag: "208002a-70-579291d5796c0"
X-Age: 71392
X-Cache: HIT
X-Storage: 579691579:8001
Accept-Ranges: bytes
X-Edge-IP: 5.150.254.150
X-Edge-Location: Stockholm, SE


--- Additional Info ---
Magic:  PNG image, 11 x 102, 4-bit colormap, non-interlaced
Size:   112
Md5:    b5c0ef0ead0631ffad8876b121e4be2c
Sha1:   1becbeb533bc8ae136615db03e9bc39482fc02bc
Sha256: 965dda64e39715338f9d580eb450f34299830b803879bd5d0d6087d6dad1ac94
                                        
POST / HTTP/1.1
Host: ocsp.msocsp.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
104.18.25.243
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Feb 2019 00:12:08 GMT
Content-Length: 1831
Connection: keep-alive
Set-Cookie: __cfduid=d5e28005038f9395d6792a3081ee2d9e31550967127; expires=Mon, 24-Feb-20 00:12:07 GMT; path=/; domain=.msocsp.com; HttpOnly
Last-Modified: Sat, 23 Feb 2019 22:42:25 GMT
Expires: Wed, 27 Feb 2019 22:42:25 GMT
Etag: "1fc02be6e0288f296f528efb5ea7867bbc353ec6"
X-Cache: HIT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4addb8054b4a42bb-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    3956853692c961d704a6d6f686323296
Sha1:   1fc02be6e0288f296f528efb5ea7867bbc353ec6
Sha256: c74f411a7b91ce919d6ce841b6d56c08170f425af471bc0b6960c51f7ea1a9cc
                                        
GET /favicon.ico?v2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
72.247.174.123
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 09 Jun 2015 04:52:20 GMT
Accept-Ranges: bytes
Etag: "1D0A270110F5A00"
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Credentials: true
P3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Frame-Options: SAMEORIGIN
Content-Length: 17174
Cache-Control: public, max-age=117589
Expires: Mon, 25 Feb 2019 08:51:57 GMT
Date: Sun, 24 Feb 2019 00:12:08 GMT
Connection: keep-alive
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  MS Windows icon resource - 6 icons, 16-colors
Size:   17174
Md5:    12e3dac858061d088023b2bd48e2fa96
Sha1:   e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
Sha256: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21