Overview

URL dostchat.4mg.com/cgi-bin/framed/2074/ust.htm
IP 64.136.20.40
ASN AS13446 Netzero,INC.
Location United States
Report completed 2017-08-06 09:47:09 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-08-06 2 dostchat.4mg.com/cgi-bin/framed/2074/ust.htm Malware
2017-08-06 2 dostchat.4mg.com/ust.htm Malware
2017-08-06 2 dostchat.4mg.com/fs_img/js/set_homepage.js Malware
2017-08-06 2 dostchat.4mg.com/fs_img/js/overlay.js Malware
2017-08-06 2 dostchat.4mg.com/fs_img/js/pt.js Malware
2017-08-06 2 dostchat.4mg.com/fs_img/js/pt.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 8 reports on IP: 64.136.20.40

Date UQ / IDS / BL URL IP
2017-11-24 13:24:00 +0100 0 - 1 - 0 freegipv.4mg.com/dor9/gary-lt.html 64.136.20.40
2017-11-16 21:56:05 +0100 0 - 0 - 4 htown6.20megsfree.com/index.html 64.136.20.40
2017-11-12 11:58:51 +0100 0 - 0 - 4 www.yennjaker.4mg.com/enaane/ 64.136.20.40
2017-10-03 18:08:02 +0200 0 - 0 - 11 dostchat.4mg.com/cgi-bin/framed/2040/main.htm 64.136.20.40
2017-09-12 11:12:33 +0200 0 - 1 - 4 hunbbgt.gqnu.net/tvshw/boggleg208.html 64.136.20.40
2017-09-07 13:37:17 +0200 0 - 6 - 0 bobby-prometnatehnicna-tehnikainvarnost.freew (...) 64.136.20.40
2017-07-23 00:10:07 +0200 0 - 0 - 2 amvewfa.4mg.com/intimnye-znakomstva-v-nizhnem (...) 64.136.20.40
2017-07-22 16:57:31 +0200 0 - 1 - 0 antibidu.4mg.com/gi9f/wke.html 64.136.20.40

Last 10 reports on ASN: AS13446 Netzero,INC.

Date UQ / IDS / BL URL IP
2017-12-07 17:00:03 +0100 0 - 0 - 11 demongomez1.50megs.com/mamiclub.htm 64.136.20.35
2017-12-06 11:34:43 +0100 0 - 1 - 0 santaril.iceryder.net/wss/royal-santa-lightos.html 64.136.20.37
2017-12-05 17:20:13 +0100 0 - 1 - 0 dereck45.fanspace.com/distc/wme.html 64.136.20.31
2017-12-04 12:40:43 +0100 0 - 0 - 1 lvmummer.mysite.com/ 64.136.20.37
2017-12-03 10:09:02 +0100 0 - 1 - 0 internfe.cz28.com/bee8/paula-deen27s-turk84.html 64.136.20.37
2017-12-02 21:33:13 +0100 2 - 0 - 0 maisetingho.tvheaven.com/zhitomir-seks-uslugi (...) 64.136.20.39
2017-12-02 14:39:26 +0100 0 - 1 - 0 ymadrfer.3dup.net/roal/qashome302.html 64.136.20.37
2017-12-01 16:20:25 +0100 0 - 1 - 0 patricmv.freewebspace.com/ton/fully-cooked-tu (...) 64.136.20.42
2017-12-01 14:55:00 +0100 0 - 1 - 0 timene69.htmlplanet.com/b8j/walmart9j.html 64.136.20.31
2017-11-30 14:37:04 +0100 0 - 0 - 0 thirdpartyoffers.juno.com/TGL3141/5a1b6b6e474 (...) 64.136.45.215

No other reports on domain: .



JavaScript

Executed Scripts (13)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 1648, repeated: 1) - SHA256: d5650183474c0b5e9e43de7f43006b03154a1059f3a8934f16207debce3bb8e5

                                        < !DOCTYPE html > < html > < head > < title > OpenX < /title><base target='_top'/ > < /head><body style='margin:0;padding:0'><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http:/ / uol - d.openx.net / w / 1.0 / rr ? ts = 1 fHJpZD1hYTEyMTg4Yy1kMGZhLTRhNWQtODNhNy1hMzljZTc5NGE1Yzh8cnQ9MTUwMjAwNTU5N3xhdWlkPTUzODc3MTI5MnxhdW09RE1JRC5XRUJ8YXVwZj1kaXNwbGF5fHNzaWQ9NTM4ODg4Njg5fHNpZD01MzczMTc3MjV8cHViPTY5MTczfHBjPVVTRHxyYWlkPWJkZDlkMGI3LTMxNGMtNDUyNy04ZDM3LTczYTFiMzhmZmNlYXxycz0xfGNsPTF8YWlkPTUzODUxMjY1OXx0PTR8YXM9MXgxfGxpZD01Mzc4MjI5NjR8b2lkPTUzNzM1MjQxOXxwPTEwMDB8cHI9MTAwMHxhdGI9MTAwMHxhZHY9NTM3MTUyMzM3fGFjPVVTRHxwbT1QUklDSU5HLkNQTXxibT1CVVlJTkcuR1VBUkFOVEVFREVYQ0xVU0lWRXxsaXQ9RXxjaT0xfHVyPWFURk1CMEhpSUM '/></div><script type='
text / javascript '> (function() {
    var spoutjs = document.createElement('script'),
        firstjs = document.getElementsByTagName('script')[0];
    spoutjs.async = 1;
    spoutjs.src = '//cdn.spoutable.com/ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js';
    firstjs.parentNode.insertBefore(spoutjs, firstjs)
})(); < /script><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http:/ / uol - d.openx.net / w / 1.0 / ri ? ts = 1 fHJpZD1hYTEyMTg4Yy1kMGZhLTRhNWQtODNhNy1hMzljZTc5NGE1Yzh8cnQ9MTUwMjAwNTU5N3xhdWlkPTUzODc3MTI5MnxhdW09RE1JRC5XRUJ8YXVwZj1kaXNwbGF5fHNzaWQ9NTM4ODg4Njg5fHNpZD01MzczMTc3MjV8cHViPTY5MTczfHBjPVVTRHxyYWlkPWJkZDlkMGI3LTMxNGMtNDUyNy04ZDM3LTczYTFiMzhmZmNlYXxycz0xfGNsPTF8YWlkPTUzODUxMjY1OXx0PTR8YXM9MXgxfGxpZD01Mzc4MjI5NjR8b2lkPTUzNzM1MjQxOXxwPTEwMDB8cHI9MTAwMHxhdGI9MTAwMHxhZHY9NTM3MTUyMzM3fGFjPVVTRHxwbT1QUklDSU5HLkNQTXxibT1CVVlJTkcuR1VBUkFOVEVFREVYQ0xVU0lWRXxsaXQ9RXxjaT0xfHVyPWFURk1CMEhpSUM '/></div></body></html>
                                    

#2 JavaScript::Write (size: 1658, repeated: 1) - SHA256: 84911a36d29dcc486e526d620d1b0fd0c03e6ee760b4fb2f51fde5c446d53281

                                        < !DOCTYPE html > < html > < head > < title > OpenX < /title><base target='_top'/ > < /head><body style='margin:0;padding:0'><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http:/ / uol - d.openx.net / w / 1.0 / rr ? ts = 1 fHU9MXxyaWQ9ZDI1MDRhMGQtMDIzNi00Y2NmLWE1NzAtOGUzYzY1NGZlNTdhfHJ0PTE1MDIwMDU1OTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD01YjAwODU3OS1jYmRmLTRlNDctYTZjZS03Mjg5ZWFiYjY2Y2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj02aHBSMjRucDAx '/></div><script type='
text / javascript '> (function() {
    var spoutjs = document.createElement('script'),
        firstjs = document.getElementsByTagName('script')[0];
    spoutjs.async = 1;
    spoutjs.src = '//cdn.spoutable.com/ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js';
    firstjs.parentNode.insertBefore(spoutjs, firstjs)
})(); < /script><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http:/ / uol - d.openx.net / w / 1.0 / ri ? ts = 1 fHU9MXxyaWQ9ZDI1MDRhMGQtMDIzNi00Y2NmLWE1NzAtOGUzYzY1NGZlNTdhfHJ0PTE1MDIwMDU1OTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD01YjAwODU3OS1jYmRmLTRlNDctYTZjZS03Mjg5ZWFiYjY2Y2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj02aHBSMjRucDAx '/></div></body></html>
                                    


HTTP Transactions (34)


Request Response
                                        
                                            GET /cgi-bin/framed/2074/ust.htm HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         64.136.20.40
HTTP/1.1 302 Found
Content-Type: text/x-invalid
                                        
Date: Sun, 06 Aug 2017 07:46:36 GMT
Server: .V03 Apache
Filter-Revision: 1.20
Location: http://dostchat.4mg.com/ust.htm
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /w/1.0/jstag HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Vary: Accept-Encoding
Server: OXGW/11.99.7
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Sun, 06 Aug 2017 08:46:36 GMT
Date: Sun, 06 Aug 2017 07:46:36 GMT
Content-Length: 17277
Content-Encoding: gzip
Cache-Control: max-age=3600


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17277
Md5:    16cd01b42b6b4bfce6aa0e12830a0ee6
Sha1:   43b836b77188dc88dc63f7e068a3277ef01d4730
Sha256: 6eb6f12f1c9040449c6033fef4981b57b5daf3c8ef06ad097118a9ab3f2f1208
                                        
                                            GET /ust.htm HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 06 Aug 2017 07:46:36 GMT
Server: .V03 Apache
Filter-Revision: 1.220
Last-Modified: Thu Nov 29 22:03:38 2001 GMT
Content-Length: 16961
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive
X-Pad: avoid browser bug


--- Additional Info ---
Magic:  ISO-8859 HTML document text, with very long lines
Size:   16961
Md5:    f2e0478de19031c5e0f729e77a76e09e
Sha1:   04af5ac6a79e8587d1c889b58f6d5a75b3ffaeba
Sha256: 079d44120e383e857354f7e561690673c4c38404149b313ad8983a36ef990da1

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /cgi-bin/image/images/bannertype/100X22.gif HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 06 Aug 2017 07:46:36 GMT
Server: .V03 Apache
Last-Modified: Wed, 14 Dec 2005 17:40:39 GMT
Content-Length: 2048
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 22
Size:   2048
Md5:    eaa41ff1132570fc5276feed2eead30d
Sha1:   0b0a7aad91a8f53c138cce5717478ce53e20f04a
Sha256: bd10a49f25f934452d959bc672151f200a4740ca225498f4be61cacbbc45722a
                                        
                                            GET /w/1.0/acj?ai=f8d0c3a2-6637-4ed6-84ee-345ce06b6a3f&o=6371566153&callback=OX_6371566153&ju=http%3A//dostchat.4mg.com/ust.htm&jr=&auid=538771292&dims=1176x754&adxy=588%2C48&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=ISO-8859-1&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm

                                         
                                         173.241.240.220
HTTP/1.1 302 Moved Temporarily
                                        
Set-Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597; Version=1; Expires=Mon, 06-Aug-2018 07:46:37 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.99.7
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://uol-d.openx.net/w/1.0/acj?cc=1&ai=f8d0c3a2-6637-4ed6-84ee-345ce06b6a3f&o=6371566153&callback=OX_6371566153&ju=http%3A//dostchat.4mg.com/ust.htm&jr=&auid=538771292&dims=1176x754&adxy=588%2C48&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=ISO-8859-1&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1
Date: Sun, 06 Aug 2017 07:46:37 GMT
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /w/1.0/acj?cc=1&ai=f8d0c3a2-6637-4ed6-84ee-345ce06b6a3f&o=6371566153&callback=OX_6371566153&ju=http%3A//dostchat.4mg.com/ust.htm&jr=&auid=538771292&dims=1176x754&adxy=588%2C48&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=ISO-8859-1&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Vary: Accept
Set-Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597; Version=1; Expires=Mon, 06-Aug-2018 07:46:37 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 06 Aug 2017 07:46:37 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   1017
Md5:    36239adb7ff2c0868dfb52e3bd550a12
Sha1:   94f631a7ecc23216f62dbebf97e377f3a3ba079d
Sha256: 0c25314d8ab3fdda84f52d3fb0e851e499948030e8b9f50cb9b1e654046821b6
                                        
                                            GET /w/1.0/rr?ts=1fHU9MXxyaWQ9ZDI1MDRhMGQtMDIzNi00Y2NmLWE1NzAtOGUzYzY1NGZlNTdhfHJ0PTE1MDIwMDU1OTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD01YjAwODU3OS1jYmRmLTRlNDctYTZjZS03Mjg5ZWFiYjY2Y2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj02aHBSMjRucDAx HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 06 Aug 2017 07:46:37 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js HTTP/1.1 
Host: cdn.spoutable.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm

                                         
                                         104.20.69.222
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Aug 2017 07:46:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d0aa01d24561ca5d4ffc24d5e16bfd2ad1502005597; expires=Mon, 06-Aug-18 07:46:37 GMT; path=/; domain=.spoutable.com; HttpOnly
x-amz-id-2: RLwUTxv0ymX54zqExAHC043zQNDXjXvt1z8eP2X3vgEtL+pbvrQm0dfFVkmJNIzoxz3V9nteYoA=
x-amz-request-id: CD92C0A378552845
Last-Modified: Sat, 05 Aug 2017 16:28:47 GMT
Etag: W/"55e3bd8aae6e3f8dfec6a30c6c00df80"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Sun, 06 Aug 2017 09:46:37 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38a06228e2d5426d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   830
Md5:    b93008db770708b345cf417cd87ab743
Sha1:   e47c0545c14b0c623064a6d0f967e85d596c1492
Sha256: f46788bdde3c0d172ac8b827d987d1b287d502a4f6f210dbd9239741081c2490
                                        
                                            GET /fs_img/js/set_homepage.js HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sun, 06 Aug 2017 07:46:37 GMT
Server: .V03 Apache
Last-Modified: Thu, 25 Jun 2009 09:12:35 GMT
Etag: "56021-6cb-4a433f83"
Accept-Ranges: bytes
Content-Length: 1739
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1739
Md5:    65d1bd2fb6b2997618d4487d7f0c458b
Sha1:   e176f2620fb4c3b22e8877d0770f68bed8e1421f
Sha256: 24fcc4b766d9485b2e8276c0fd71fb9f129b0e2fbc90e073afbe8a7cbd3b199b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /w/1.0/ri?ts=1fHU9MXxyaWQ9ZDI1MDRhMGQtMDIzNi00Y2NmLWE1NzAtOGUzYzY1NGZlNTdhfHJ0PTE1MDIwMDU1OTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD01YjAwODU3OS1jYmRmLTRlNDctYTZjZS03Mjg5ZWFiYjY2Y2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj02aHBSMjRucDAx HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 06 Aug 2017 07:46:37 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /fs_img/js/overlay.js HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sun, 06 Aug 2017 07:46:37 GMT
Server: .V03 Apache
Last-Modified: Thu, 27 Aug 2009 10:08:37 GMT
Etag: "5601d-1952-4a965b25"
Accept-Ranges: bytes
Content-Length: 6482
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   6482
Md5:    85f8bd82370a634fcb8f5aca3e407395
Sha1:   4065a0ff47a5b4f01df8c90adaa7a6781b4087c3
Sha256: 0c33d70a8a30833d45c2217aeaf8691b17d54c70c136593bf03f7b68109b84ed

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /w/1.0/acj?ai=f8d0c3a2-6637-4ed6-84ee-345ce06b6a3f&o=8098960240&callback=OX_8098960240&ju=http%3A//dostchat.4mg.com/ust.htm&jr=&auid=538771292&dims=1176x754&adxy=588%2C48&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=windows-1254&tz=-120&ws=1176x754&ifr=0&tws=1176x754&si=8421453130&sd=2&ul=70 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Vary: Accept
Set-Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597; Version=1; Expires=Mon, 06-Aug-2018 07:46:37 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 06 Aug 2017 07:46:37 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   1013
Md5:    a046a9a70fec463f3d45c7d9aaaab4ad
Sha1:   967eeee31912830b6725cf15509d82d267b400b4
Sha256: 88d75065f20908898b63974dbdca72becbba620cc023de148f578c9b963dd5c8
                                        
                                            GET /w/1.0/rr?ts=1fHJpZD1hYTEyMTg4Yy1kMGZhLTRhNWQtODNhNy1hMzljZTc5NGE1Yzh8cnQ9MTUwMjAwNTU5N3xhdWlkPTUzODc3MTI5MnxhdW09RE1JRC5XRUJ8YXVwZj1kaXNwbGF5fHNzaWQ9NTM4ODg4Njg5fHNpZD01MzczMTc3MjV8cHViPTY5MTczfHBjPVVTRHxyYWlkPWJkZDlkMGI3LTMxNGMtNDUyNy04ZDM3LTczYTFiMzhmZmNlYXxycz0xfGNsPTF8YWlkPTUzODUxMjY1OXx0PTR8YXM9MXgxfGxpZD01Mzc4MjI5NjR8b2lkPTUzNzM1MjQxOXxwPTEwMDB8cHI9MTAwMHxhdGI9MTAwMHxhZHY9NTM3MTUyMzM3fGFjPVVTRHxwbT1QUklDSU5HLkNQTXxibT1CVVlJTkcuR1VBUkFOVEVFREVYQ0xVU0lWRXxsaXQ9RXxjaT0xfHVyPWFURk1CMEhpSUM HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 06 Aug 2017 07:46:37 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /w/1.0/ri?ts=1fHJpZD1hYTEyMTg4Yy1kMGZhLTRhNWQtODNhNy1hMzljZTc5NGE1Yzh8cnQ9MTUwMjAwNTU5N3xhdWlkPTUzODc3MTI5MnxhdW09RE1JRC5XRUJ8YXVwZj1kaXNwbGF5fHNzaWQ9NTM4ODg4Njg5fHNpZD01MzczMTc3MjV8cHViPTY5MTczfHBjPVVTRHxyYWlkPWJkZDlkMGI3LTMxNGMtNDUyNy04ZDM3LTczYTFiMzhmZmNlYXxycz0xfGNsPTF8YWlkPTUzODUxMjY1OXx0PTR8YXM9MXgxfGxpZD01Mzc4MjI5NjR8b2lkPTUzNzM1MjQxOXxwPTEwMDB8cHI9MTAwMHxhdGI9MTAwMHxhZHY9NTM3MTUyMzM3fGFjPVVTRHxwbT1QUklDSU5HLkNQTXxibT1CVVlJTkcuR1VBUkFOVEVFREVYQ0xVU0lWRXxsaXQ9RXxjaT0xfHVyPWFURk1CMEhpSUM HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 06 Aug 2017 07:46:37 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /images/bann-01.jpg HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 06 Aug 2017 07:46:38 GMT
Server: .V03 Apache
Last-Modified: Thu, 29 Nov 2001 21:52:00 GMT
Etag: "585d0e-dc1-3c06ae00"
Accept-Ranges: bytes
Content-Length: 3521
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3521
Md5:    bc6834e4099d85f66f78e12db49cf186
Sha1:   7021c03a7ef487b410fe5bd493184e687c1620de
Sha256: 01e0c171c36db6d0fe4944629c0f32384dcb3fb29aa5d00734d938b7e2e7b796
                                        
                                            GET /images/bann-02.jpg HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 06 Aug 2017 07:46:38 GMT
Server: .V03 Apache
Last-Modified: Thu, 29 Nov 2001 21:52:09 GMT
Etag: "585d0f-edb-3c06ae09"
Accept-Ranges: bytes
Content-Length: 3803
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3803
Md5:    3f5f3835d90a740dc4e2a1d3c0bc04c6
Sha1:   a838e58e6a9992ef590959a2112be5b220d2e19d
Sha256: 4a13328320eb0d7023d383534cb2bae812aedd89171503e8e573eaf5efca1eb3
                                        
                                            GET /images/ust-01.jpg HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 06 Aug 2017 07:46:38 GMT
Server: .V03 Apache
Last-Modified: Thu, 29 Nov 2001 21:59:13 GMT
Etag: "ce3955-10b9-3c06afb1"
Accept-Ranges: bytes
Content-Length: 4281
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   4281
Md5:    91b95afa75c9dd891ca9ba8326e93deb
Sha1:   7538250c9b5546d8c68144fc482f86d7a8538d55
Sha256: 4b37baa70e2e7ae6fb085b76cb09ef88ecfd2dc922772355158ed955b7e9212a
                                        
                                            GET /images/ust-bg.jpg HTTP/1.1 
Host: dostchat.4mg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 06 Aug 2017 07:46:38 GMT
Server: .V03 Apache
Last-Modified: Thu, 29 Nov 2001 21:59:31 GMT
Etag: "ce3957-194-3c06afc3"
Accept-Ranges: bytes
Content-Length: 404
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   404
Md5:    14e9d0497c09c44283eaf1b9e39cb930
Sha1:   677ca14a8011a62bf6733afb7476cf9a232b5c64
Sha256: 5279140c2d2b180784a66e72ac1626f3292fef1e73a6092766c3a81df88fb449
                                        
GET /favicon.ico HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
64.136.20.40
HTTP/1.1 200 Special Default
Content-Type: image/gif
Date: Sun, 06 Aug 2017 07:46:40 GMT
Server: .V03 Apache
Last-Modified: Wed, 27 Jul 2011 09:23:13 GMT
Content-Length: 1406
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1406
Md5:    d009cced4ed43383291700a3b7a18f86
Sha1:   eff142aafd81e111c728ccf1f1df36cf1c244dce
Sha256: 748f652b4067e9b431761049ae7e3b77e5cf4d3042b2cd7a3b5da379d95d8dab
                                        
GET /images/ust-02.jpg HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
64.136.20.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 06 Aug 2017 07:46:41 GMT
Server: .V03 Apache
Last-Modified: Thu, 29 Nov 2001 21:59:23 GMT
Etag: "ce3956-724-3c06afbb"
Accept-Ranges: bytes
Content-Length: 1828
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   1828
Md5:    d17a8ea3bb67443b3c961f441e4627b0
Sha1:   e58927733b187262fd36544bdb1f3d4b91128828
Sha256: 3bad770cbb5e11ade46e0511292ff45608b77f2e2f2cc09af7138d41ccd6faca
                                        
GET /images/ust-son.jpg HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
64.136.20.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 06 Aug 2017 07:46:41 GMT
Server: .V03 Apache
Last-Modified: Thu, 29 Nov 2001 21:59:36 GMT
Etag: "1ad3516-88a-3c06afc8"
Accept-Ranges: bytes
Content-Length: 2186
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   2186
Md5:    2043bf6548d7afb606ebb4f88266b486
Sha1:   74b34853e0f14d87a9707b7c65ad6a4b6d06c6b9
Sha256: 04381545f56bb7db7f740056a7daf15da9390129019b063a149a23d948e5920f
                                        
GET /fs_img/js/pt.js HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=2; OX_plg=swf|pdf|wmp|shk|pm

                                         
64.136.20.40
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Sun, 06 Aug 2017 07:46:41 GMT
Server: .V03 Apache
Last-Modified: Tue, 23 Dec 2008 06:18:16 GMT
Etag: "56020-133c-495082a8"
Accept-Ranges: bytes
Content-Length: 4924
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   4924
Md5:    5a579305a5ed446e5d235fdf055af4df
Sha1:   460970478d97e27013664cca14b24b312db5e837
Sha256: b7869a1ad7f1eec802fdbd1018fa315b26b3c92a13db66c9044dad80a8fc5b2f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm

                                         
209.85.233.138
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Sun, 06 Aug 2017 07:08:35 GMT
Expires: Sun, 06 Aug 2017 09:08:35 GMT
Last-Modified: Tue, 01 Aug 2017 03:25:32 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 16022
Cache-Control: public, max-age=7200
Age: 2286


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16022
Md5:    09889dfa1a6bf800507b7a6799c45901
Sha1:   51b1c3f117a0874b6e5ea58bf9e8863c918db4aa
Sha256: 1c92948832be823e16d40195f5f66135368b5cb3f8a7833c3e25f558f16fecfb
                                        
GET /r/__utm.gif?utmwv=5.6.7&utms=1&utmn=735031418&utmhn=dostchat.4mg.com&utmcs=windows-1254&utmsr=1176x885&utmvp=1176x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=GROSS%20Computer%20Bilgisayar%20%26%20Bilgi-%C4%B0%C5%9Flem&utmhid=916021936&utmr=-&utmp=%2Fust.htm&utmht=1502005601587&utmac=UA-4601892-3&utmcc=__utma%3D1.2038166426.1502005602.1502005602.1502005602.1%3B%2B__utmz%3D1.1502005602.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1631261201&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm

                                         
209.85.233.138
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Sun, 06 Aug 2017 07:46:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
GET /w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909 HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597

                                         
173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
Vary: Accept
Set-Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597; Version=1; Expires=Mon, 06-Aug-2018 07:46:41 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1502005601|9D; Version=1; Expires=Mon, 21-Aug-2017 07:46:41 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/11.99.7
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 06 Aug 2017 07:46:41 GMT
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   144
Md5:    0ee3d1ec9516bf623a4f9f4fe1ac0de7
Sha1:   1137f814defa2d841e3e419ae46f88421ea0d1f2
Sha256: 51a1db175deb1e8e69f4e16f07fe08c2760aa1241ab979f08c9c4cb6e79892d0
                                        
GET /pixel?google_nid=openx&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909

                                         
216.58.211.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Date: Sun, 06 Aug 2017 07:46:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 292
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 06-Aug-2017 08:01:41 GMT; path=/; domain=.doubleclick.net


--- Additional Info ---
Magic:  HTML document text
Size:   292
Md5:    b6e453661d0ddf68898fe6de8bf77403
Sha1:   b5ada9403c9838f483e1ab74f2b4ac290bc5e26e
Sha256: 0cebcca4b12681a67614eb3055af0918df4f03b11d0ec0394a4c39e13d791829
                                        
GET /pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: test_cookie=CheckForPermission

                                         
216.58.211.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI8_s9BG3VU0PTXlt4BH69U&google_cver=1
Date: Sun, 06 Aug 2017 07:46:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 294
X-XSS-Protection: 1; mode=block
Set-Cookie: id=24192a822a266d23||t=1502005601|et=730|cs=002213fd48c92771adc067c461; expires=Tue, 06-Aug-2019 07:46:41 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnA6c1XnWpfcSG1IEXzV-Hx4TXeM3m15jMNwTQ_wNKu9Xdy_Mfv5Q; expires=Tue, 06-Aug-2019 07:46:41 GMT; path=/; domain=.doubleclick.net; HttpOnly


--- Additional Info ---
Magic:  HTML document text
Size:   294
Md5:    27b45187940a24a465a1547f1115bdf6
Sha1:   8dbf4a38b7f2c42de52f588f78175bbcc2b8642b
Sha256: 49c411add4a9e718a10fa509eea59fb604a10e139b1d573c2535f2ce60dbe798
                                        
GET /w/1.0/sd?id=537072991&val=CAESEI8_s9BG3VU0PTXlt4BH69U&google_cver=1 HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: i=f0cfb1fe-9fab-05a1-3216-fa5514742814|1502005597; pd=v2|1502005601|9D

                                         
173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
Vary: Accept
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 06 Aug 2017 07:46:41 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   458
Md5:    00dfe4463b6d25f7f2d270e7bf307112
Sha1:   2cefad5519c301b0e2e548f99108639791d0d2e6
Sha256: 34c77664315be63e07fe73c6a5be94a3c205374a4791b7bf937a5cfe5d466fe6
                                        
GET /images/ust-01.jpg HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /images/bann-01.jpg HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /images/ust-son.jpg HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /images/ust-02.jpg HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /fs_img/js/pt.js HTTP/1.1
Host: dostchat.4mg.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dostchat.4mg.com/ust.htm
Cookie: OX_ssn=8421453130; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware