Overview

URL best.truefuncontent.com/?utm_medium=329b2ef9a95f8ec85fa00a5065ad57fdd19ff3aa
IP 198.143.165.220
ASN AS32475 SingleHop
Location United States
Report completed 2017-10-13 06:11:42 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-10-13 2 best.truefuncontent.com/?utm_medium=329b2ef9a95f8ec85fa00a5065ad57fdd19ff3aa Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 198.143.165.220

Date  UQ / IDS / BL  URL  IP
2017-10-18 03:52:35 +0200  0 - 1 - 0  best.truefuncontent.com/proc.php?1f445aed48f4 (...)  198.143.165.220
2017-10-18 03:43:30 +0200  0 - 1 - 1  best.truefuncontent.com/?utm_term=64769271060 (...)  198.143.165.220
2017-10-18 03:15:34 +0200  0 - 0 - 1  best.truefuncontent.com/?utm_medium=329b2ef9a (...)  198.143.165.220
2017-10-17 20:35:57 +0200  0 - 1 - 0  the.awesomemobcontent.com/?utm_term=647695745 (...)  198.143.165.220
2017-10-17 20:20:31 +0200  0 - 0 - 1  best.truefuncontent.com/?utm_medium=329b2ef9a (...)  198.143.165.220
2017-10-17 19:16:30 +0200  0 - 1 - 1  best.truefuncontent.com/?utm_medium=329b2ef9a (...)  198.143.165.220
2017-10-17 18:52:01 +0200  0 - 1 - 0  traffic.doplesk.es/proc.php?31142df9e46b75e52 (...)  198.143.165.220
2017-10-17 18:49:56 +0200  0 - 0 - 1  best.truefuncontent.com/?utm_medium=329b2ef9a (...)  198.143.165.220
2017-10-17 14:58:23 +0200  0 - 1 - 1  best.truefuncontent.com/?utm_medium=329b2ef9a (...)  198.143.165.220
2017-10-17 11:49:43 +0200  0 - 0 - 1  best.truefuncontent.com/?utm_medium=329b2ef9a (...)  198.143.165.220

Last 10 reports on ASN: AS32475 SingleHop

Date  UQ / IDS / BL  URL  IP
2017-10-18 03:52:35 +0200  0 - 1 - 0  best.truefuncontent.com/proc.php?1f445aed48f4 (...)  198.143.165.220
2017-10-18 03:51:11 +0200  0 - 1 - 0  winning.yetioffer.com/proc.php?5f7fd060c01a83 (...)  198.143.165.221
2017-10-18 03:43:53 +0200  0 - 1 - 0  1.coolmobithing.com/?utm_medium=e6608943ef2a0 (...)  216.104.36.156
2017-10-18 03:43:30 +0200  0 - 1 - 1  best.truefuncontent.com/?utm_term=64769271060 (...)  198.143.165.220
2017-10-18 03:43:12 +0200  0 - 1 - 0  1.coolmobithing.com/?utm_term=6476926882724972242  216.104.36.156
2017-10-18 03:42:35 +0200  0 - 1 - 0  click.woopamobi.com/?utm_medium=67478b025169d (...)  184.154.47.14
2017-10-18 03:38:24 +0200  0 - 1 - 0  click.ultradmobi.com/?utm_medium=48286ec5f4e2 (...)  108.163.203.126
2017-10-18 03:37:14 +0200  0 - 1 - 0  click.ultradmobi.com/?utm_medium=48286ec5f4e2 (...)  108.163.203.126
2017-10-18 03:36:35 +0200  0 - 1 - 0  click.ultradmobi.com/?utm_medium=48286ec5f4e2 (...)  108.163.203.126
2017-10-18 03:36:17 +0200  0 - 1 - 0  click.ultradmobi.com/proc.php?5ea52f962555b2e (...)  108.163.203.126

No other reports on domain: truefuncontent.com



JavaScript

Executed Scripts (4)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (22)


Request Response
                                        
                                            GET /?utm_medium=329b2ef9a95f8ec85fa00a5065ad57fdd19ff3aa HTTP/1.1 
Host: best.truefuncontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         198.143.165.220
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=7988817339d2cdd5d867a86b6a6b94dd; expires=Sat, 13-Oct-2018 04:11:08 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1941
Md5:    ab342d7b94c121e41336e2d30456ceb0
Sha1:   0b874f2799184088a4e05fb0efbb21e2355ace7a
Sha256: aba25d7260293bf55fe00b3e5c8faff91a01a9641c81b669ac8544d15d441003

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: best.truefuncontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u=7988817339d2cdd5d867a86b6a6b94dd

                                         
                                         198.143.165.220
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:10 GMT
Content-Length: 1150
Last-Modified: Wed, 04 Oct 2017 19:16:17 GMT
Connection: keep-alive
Etag: "59d53381-47e"
Expires: Sat, 14 Oct 2017 04:11:10 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    91abe01116ab422c598e9c8af72cf4da
Sha1:   0f2815fe8e067d48537ad168225ab4674271fa27
Sha256: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
                                        
                                            GET /?utm_term=6476243179766024072&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6b9bbbe8fbdbdbaba80b3b6b6b0b5a9aaa9a9aeacaaa9aa93a19196979495ead9dce9dcdbecede297929483e7e4e5cbcacfcffec7c4c8f2c3c0c4c6c7c0c3ffcbf8f9fefffcfff0f3f0f1a7fff4fdeaeb79 HTTP/1.1 
Host: best.truefuncontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://best.truefuncontent.com/?utm_medium=329b2ef9a95f8ec85fa00a5065ad57fdd19ff3aa
Cookie: u=7988817339d2cdd5d867a86b6a6b94dd

                                         
                                         198.143.165.220
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1919
Md5:    5e15ea5392b08522638e447d5763fe72
Sha1:   7ec447c32478763b58b5584aa73ad129dbfc1919
Sha256: 4c82e532652020bc718f0a83d6d51fc4811489f1a4ec4ad6357113108f1c602c
                                        
                                            GET /proc.php?01a743e8a4f8fd4d3ed4d8264cc349a584c8fcdf HTTP/1.1 
Host: best.truefuncontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u=7988817339d2cdd5d867a86b6a6b94dd

                                         
                                         198.143.165.220
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://daily-offer-club.com/?flux_fts=qioeqxf6d98&flux_cost=0&aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072


--- Additional Info ---
                                        
                                            GET /?flux_fts=qioeqxf6d98&flux_cost=0&aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072 HTTP/1.1 
Host: daily-offer-club.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         89.34.16.69
HTTP/1.1 307 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.12.0
Date: Fri, 13 Oct 2017 04:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Set-Cookie: PHPSESSID=qjopl358d4kv1s28rs726lsut3; path=/ csid=qjopl358d4kv1s28rs726lsut3; expires=Sat, 13-Oct-2018 04:11:10 GMT; Max-Age=31536000; path=/ PHPSESSID=qjopl358d4kv1s28rs726lsut3; expires=Sat, 14-Oct-2017 04:11:10 GMT; Max-Age=86400; path=/ a351a363524b677ca8decb4ddbf2b5f2=108636786555221253; expires=Fri, 13-Oct-2017 04:11:15 GMT; Max-Age=5; path=/ 4ff18bee571950466fee037ef5b9315e=108636786973375131; expires=Fri, 13-Oct-2017 04:11:15 GMT; Max-Age=5; path=/ ca4955d603d61b8b6ed2fd9b502a67e7=108636787534921502; expires=Fri, 13-Oct-2017 04:11:15 GMT; Max-Age=5; path=/ f974ea9a24642503ccb103dacc19211e=108636788038982135; expires=Fri, 13-Oct-2017 04:11:15 GMT; Max-Age=5; path=/ 200e4a3ba9420af1c0bb5dc3774f03f4=108636789110171585; expires=Fri, 13-Oct-2017 04:11:15 GMT; Max-Age=5; path=/ 6eb3643658db2cea722d3604d621ac20=108636789560561609; expires=Fri, 13-Oct-2017 04:11:15 GMT; Max-Age=5; path=/ cffcdae8a53222f09cab97cdb3b777af=108636790724944195; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ 5af990b3acc7718754d9008114b65a29=108636791307301882; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ fd9f4fb0a838b1ba796cddc5e1a8fdc2=108636791727152073; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ 6877d98d53638fe7c19f3f7c79a721cc=108636791943274299; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ 720e4c9e9190938553840fc898d870d3=108636792141621339; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ 10986d03f4a2b48f858698163d74b563=108636792340413838; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ 002731eb3842cebd27fb294428c44e38=108636792585104761; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ 3e733fbb90075f9512ef9f773eae6e09=108636792835861401; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/ 5998ff920f1de0fb3254ee44dc827e73=108636793088891615; expires=Fri, 13-Oct-2017 04:11:16 GMT; Max-Age=5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex, noarchive, nofollow
P3P: CP="FunnelFlux doesn't have a P3P policy"
Location: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 04:11:11 GMT
Server: Apache
Last-Modified: Tue, 10 Oct 2017 00:47:45 GMT
Expires: Tue, 17 Oct 2017 00:47:45 GMT
Etag: 680EF3BAC5891B0B5FD0BF8865D8323C5AC1837A
Cache-Control: max-age=332793,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3aa15630f7633a0b92d62e39209aa63e
Sha1:   680ef3bac5891b0b5fd0bf8865d8323c5ac1837a
Sha256: 6c7cc4d0392926fa6552a77605b593db3639975e7dbce32ebe1143daf57988a8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 04:11:11 GMT
Server: Apache
Last-Modified: Wed, 11 Oct 2017 09:42:49 GMT
Expires: Wed, 18 Oct 2017 09:42:49 GMT
Etag: CAE2D4E36B01556EB5A7DFCAC91643A06697B94B
Cache-Control: max-age=451297,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    b1e50e73281d4487d8b1cf3cdaf74bd5
Sha1:   cae2d4e36b01556eb5a7dfcac91643a06697b94b
Sha256: ba282a3cc79d8121086cb931af7199775bd48fef7699ba80e61d794c382b880c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 04:11:11 GMT
Server: Apache
Last-Modified: Wed, 11 Oct 2017 09:42:49 GMT
Expires: Wed, 18 Oct 2017 09:42:49 GMT
Etag: 8A7BC9885D9FFAFD7270D5324F22275F2B2C0D13
Cache-Control: max-age=451297,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d7daaf5088b1b8633e7e0d6600507656
Sha1:   8a7bc9885d9ffafd7270d5324f22275f2b2c0d13
Sha256: 9ea32e88334ce42853f79b00abaff0d4ee00214175cd3e1d189a0aa1b4a4ceba
                                        
                                            GET /_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072 HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding, Accept-Encoding
Expires: Sat, 14 Oct 2017 04:11:11 GMT
Cache-Control: max-age=86400
Last-Modified: Mon, 20 Mar 2017 13:52:36 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1391
Md5:    c10365b9bf056c5636d57b7a7aedbdde
Sha1:   843a29d962682e0f0a9d1ed79a73ac65e306965e
Sha256: 907f394f3e1584d078b5d9ecbf49b6258793655a46feb650b18d3c44ed231699
                                        
                                            GET /_static/_supload/smartlink/iPhone7/js/mootools-core-1.4.5-full-compat-yc.js HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding, Accept-Encoding
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Last-Modified: Mon, 20 Mar 2017 13:52:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   31129
Md5:    8a72f2b8c8045e0f84986d92deacd82a
Sha1:   487c49f7ba0b21f37936aefbcb343be89127dfd4
Sha256: 37988fc88a83c95611a69fa7490fab732f2fe2f971ab98e9bb8046e3f9c01d7d
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 04:11:12 GMT
Expires: Tue, 17 Oct 2017 04:11:12 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    e7bac3d0e71b2c79e04d4385fae30af0
Sha1:   4cbd66ee4d86b33ac497bde7e7d1cda767db5dc2
Sha256: bdad376aa4ed42be546c318f8d650108339a350fa37454a4b06d0728baaec563
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=332722, public, no-transform, must-revalidate
Last-Modified: Tue, 10 Oct 2017 00:34:08 GMT
Expires: Tue, 17 Oct 2017 00:34:08 GMT
Date: Fri, 13 Oct 2017 04:11:12 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    fccd40351d25d6f5eecda73fdef9b3d8
Sha1:   0d2d2f37814bb53b7dca796acc9ee278ef6297ba
Sha256: 23e276d6aa20791de9110019cb7992bae490040d4cc3a06678449d1b3f2063e4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 04:11:12 GMT
Server: Apache
Last-Modified: Tue, 10 Oct 2017 20:25:55 GMT
Expires: Tue, 17 Oct 2017 20:25:55 GMT
Etag: E6F6A5B71771F8303A717172183F5A438B9406CA
Cache-Control: max-age=403482,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    5b19e826bb4221ad7a8c7e0e74f0d30d
Sha1:   e6f6a5b71771f8303a717172183f5a438b9406ca
Sha256: 4de634454021b3af1b9850d2b3c8a2934ddafd22a126bcd4eabfb72706af0276
                                        
                                            GET /_static/_supload/smartlink/iPhone7/js/script.js HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding, Accept-Encoding
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Last-Modified: Mon, 20 Mar 2017 13:52:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   694
Md5:    8e107ab74cd134409ebcc80b6829c7b6
Sha1:   d81b65396cf7683d64c88fe23b6c15e689f4ceb0
Sha256: e4cfebc0aacb436e98570157b8125119019f0cc374afc0352344111edfa75372
                                        
                                            GET /_static/_supload/smartlink/iPhone7/css/foundation.css HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding, Accept-Encoding
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Last-Modified: Mon, 20 Mar 2017 13:52:36 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3627
Md5:    19abaa095fc36c017ef686ded386b1fe
Sha1:   32507025544dfe0cc1ef3eab6efcc0c7b947b484
Sha256: 3f17bd7f9124325e1ddcbe1ccd2a4689905e535c8f5d2cf65572460dff08ad8f
                                        
                                            GET /css?family=Fauna+One HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         172.217.22.170
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 13 Oct 2017 04:11:12 GMT
Date: Fri, 13 Oct 2017 04:11:12 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   214
Md5:    decb8133c3d4eee6ea8a8e31c2534188
Sha1:   0f0b6114ee70f0dd327f1edd38731cca11a26367
Sha256: 02a22804463e12706d6208f86e51c8218910355f0df10b87501bcc46b5645188
                                        
                                            GET /css?family=Chewy HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         172.217.22.170
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 13 Oct 2017 04:11:12 GMT
Date: Fri, 13 Oct 2017 04:11:12 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   189
Md5:    e5239f20ddb6c7d4c5fe7c93dc9387aa
Sha1:   6a30e1d79c323ede6fb287410d5464ecceff4b6f
Sha256: 4203f97e1ab3c7c5c1f3375edd60f0597f62396b50f94326ba641c50fcda61ba
                                        
                                            GET /_static/_supload/smartlink/iPhone7/images/logo.png HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Content-Length: 3112
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Etag: "2201972952"
Last-Modified: Mon, 20 Mar 2017 13:52:36 GMT


--- Additional Info ---
Magic:  PNG image, 150 x 60, 8-bit/color RGBA, non-interlaced
Size:   3112
Md5:    4b42f4ec6582db84b717dcc0287b93d8
Sha1:   99f5258f3a66736527ff8d18b3b48213e62728ec
Sha256: 1c6fbaf0c0d1fd2fbd7bc5c33f672f7d3624923f95cf3d5eaf0fbdfb65fbc2b0
                                        
                                            GET //files/web/freetest/_images/image_88_8_cp_image_98_8.png HTTP/1.1 
Host: www.norgespremieklubb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         185.3.185.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Content-Length: 58749
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 15 Sep 2016 12:28:32 GMT
Etag: "57da93f0-e57d"
X-Map-Context: no
X-Served-By: a-03
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 572 x 505, 8-bit colormap, non-interlaced
Size:   58749
Md5:    2d56f91f4958c101e62dc285abd3b7eb
Sha1:   ced850be8e3144aa3fc01f8f0d3aefe2eb0d6e67
Sha256: f198e0713c853e99f2c40b7eba4190fdd92812e5fac91fce725e1c130a55d17b
                                        
                                            GET /_static/_supload/smartlink/iPhone7/css/style.css HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/index.html?aff_id=5052&aff_sub=2117&aff_sub2=6476243179766024072

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding, Accept-Encoding
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Last-Modified: Mon, 20 Mar 2017 13:52:36 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1033
Md5:    0642b1725c380765348174b4f05d2114
Sha1:   78931b24c992daf19a7a3f7689900060f32a6c7c
Sha256: 5008209cf077b4a200d6729d20ba8f1689b3e3781014272c2560569a0a53da7c
                                        
                                            GET /_static/_supload/smartlink/iPhone7/images/header_background.jpg HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.deltaogvinn.com/_static/_supload/smartlink/iPhone7/css/style.css

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Content-Length: 622
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Etag: "234709793"
Last-Modified: Mon, 20 Mar 2017 13:52:36 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   622
Md5:    58101e476d7a38ecc2edca30aa49cb7e
Sha1:   8993ad56e66983497f0dd857da54466067122c4b
Sha256: f190216a63436ada14253061d6a1cbafa8fcd6a1ffa2320d6bc1ae05d4bce92c
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.deltaogvinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         185.3.185.189
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 13 Oct 2017 04:11:12 GMT
Content-Length: 4286
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 14 Oct 2016 11:25:51 GMT
Etag: "5800c0bf-10be"
X-Map-Context: no
X-Served-By: a-01
Expires: Sat, 14 Oct 2017 04:11:12 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   4286
Md5:    e32631de14608a9139996d154f202fe5
Sha1:   b2dfca79e03b920671eb0d3d5c22624842acd77e
Sha256: cfcbfb5eaecbd33f2a41c62af52149e05a38606716e556d49d06edd286628162