Overview

URL ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028
IP 78.140.188.188
ASN AS35415 Webzilla B.V.
Location Netherlands
Report completed 2018-11-30 19:23:56 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-11-30 2 ak.imgfarm.com/images/anx/anemone-1.2.7.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 78.140.188.188

Date UQ / IDS / BL URL IP
2019-02-22 14:56:06 +0100  0 - 0 - 1  ads.shorte.st/ads.php?key=2ea5b261f06ca771033 (...)  78.140.188.188
2019-02-08 09:21:35 +0100  0 - 0 - 0  https://cdn.shorte.st/link-converter.min.js  78.140.188.188
2019-01-27 19:21:00 +0100  0 - 0 - 1  ads.shorte.st/ads.php?key=2ea5b261f06ca771033 (...)  78.140.188.188
2019-01-18 08:18:09 +0100  0 - 1 - 1  ads.shorte.st/ads.php?key=2ea5b261f06ca771033 (...)  78.140.188.188
2019-01-15 22:06:00 +0100  0 - 0 - 1  ads.shorte.st/ads.php?key=2ea5b261f06ca771033 (...)  78.140.188.188
2018-11-13 14:44:01 +0100  0 - 0 - 0  shorte.st  78.140.188.188
2018-10-22 06:14:57 +0200  0 - 1 - 0  ads.shorte.st/ads.php?key=2ea5b261f06ca771033 (...)  78.140.188.188
2018-10-15 20:04:56 +0200  0 - 0 - 0  shorte.st  78.140.188.188
2018-10-15 13:17:39 +0200  0 - 0 - 0  cdn.shorte.st/link-converter.min.js  78.140.188.188
2018-10-15 13:11:31 +0200  0 - 0 - 0  ads.shorte.st/ads.php?key=2ea5b261f06ca771033 (...)  78.140.188.188

Last 10 reports on ASN: AS35415 Webzilla B.V.

Date UQ / IDS / BL URL IP
2019-07-01 09:07:51 +0200  0 - 0 - 0  https://pushazam.com  88.85.66.133
2019-07-01 02:08:27 +0200  0 - 0 - 0  Hilltopads.net  88.85.94.227
2019-06-30 18:03:30 +0200  0 - 0 - 0  https://comdexcipa.info/bI3JVK0LPM2NlOjPPQXRB (...)  88.85.94.232
2019-06-30 17:58:41 +0200  0 - 0 - 0  burporess.pro/bS3TVU0VPW2XlYjZPaXbBczdJemf9g0 (...)  88.85.94.229
2019-06-30 17:53:56 +0200  0 - 0 - 0  https://123freemovie.femvxitrquzretxzdq.info/  88.85.94.236
2019-06-30 13:52:46 +0200  0 - 0 - 0  https://pornoid.notificationallow.com/  88.85.94.227
2019-06-30 13:49:33 +0200  0 - 0 - 0  https://notificationallow.com/cbHNViz.aGEF5Lv (...)  88.85.94.227
2019-06-30 13:44:55 +0200  0 - 0 - 0  https://amliands.info/cBHlV/zVaREd5wvxdoGdlSm (...)  88.85.94.238
2019-06-30 13:23:27 +0200  0 - 0 - 1  https://deloplen.com/  206.54.165.3
2019-06-30 13:16:32 +0200  0 - 0 - 0  https://eneritchmax.info/bF3GVH0IPJ2KlLjMPNXO (...)  88.85.94.237

No other reports on domain: shorte.st



JavaScript

Executed Scripts (6)


Executed Evals (2)

#1 JavaScript::Eval (size: 5318, repeated: 1) - SHA256: a6a76a343c867c0e8b0ef6339c7fec48580bc2c1e6c0ce80cd805151f90ad6f4

function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
    try {
        document.getElementById('ci_HIL').value = d.HIL
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 4, repeated: 1) - SHA256: 152e69cf3c8e76c8d8b0aed924ddd1708e4c68624611af33d52c2c2814dd5df9

2018
                                    


HTTP Transactions (26)


Request Response
                                        
                                            GET /ads.php?key=bf822edaeefaa2a510a7fc154b0be028 HTTP/1.1 
Host: ads.shorte.st
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         78.140.188.189
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.37-0+deb8u1
Cache-Control: max-age=0, must-revalidate, no-store, private, s-maxage=0
Location: https://rotumal.com/4/1241630/
Date: Fri, 30 Nov 2018 18:23:14 GMT
X-Server-ID: shn05
X-UA-Compatible: IE=Edge


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   5765
Md5:    e246aef892701257162563a902761fbb
Sha1:   fe4bc4ba6ba1ad583cf5262717e6abdf52da05e7
Sha256: ae93261fe787ca45836b75f6d7a30189926d98d7bec0ec016a20d53f1eac58a0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "E0B8493BF40EBE1B87A652CE032183F7F2CB0D6288700299509CBE83C8718626"
Last-Modified: Wed, 28 Nov 2018 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6038
Expires: Fri, 30 Nov 2018 20:03:52 GMT
Date: Fri, 30 Nov 2018 18:23:14 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    9b2a0a3503c7a39942dbde1f32067eb0
Sha1:   4ff38765775c16140b2e9c041162efdf841e3bd6
Sha256: e0b8493bf40ebe1b87a652ce032183f7f2cb0d6288700299509cbe83c8718626
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Fri, 30 Nov 2018 09:49:49 GMT
Etag: "8137f8ade04cd54de3987ed02e6fdf0ae507e9f5"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=20231
Expires: Sat, 01 Dec 2018 00:00:25 GMT
Date: Fri, 30 Nov 2018 18:23:14 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    d4f0d79537fbd3fe101e909b8751784b
Sha1:   8137f8ade04cd54de3987ed02e6fdf0ae507e9f5
Sha256: 197e7d4ba835416fc626185e6d64656bdfa5c51b5d4bd512c8ff77560008227b
                                        
                                            GET /4/1241630/ HTTP/1.1 
Host: rotumal.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         188.72.213.221
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 30 Nov 2018 18:23:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
Pragma: no-cache, no-cache
Cache-Control: private, max-age=0, no-cache, no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Sat, 01-Dec-2018 18:23:14 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 01-Dec-2018 18:23:14 GMT; Max-Age=86400; path=/ oaidts=1543602194; expires=Sat, 30-Nov-2019 18:23:14 GMT; Max-Age=31536000; path=/ OAID=b567935e59a9945f3e7d01f3829177a3; expires=Sat, 30-Nov-2019 18:23:14 GMT; Max-Age=31536000; path=/ OAID=b567935e59a9945f3e7d01f3829177a3; expires=Sat, 30-Nov-2019 18:23:14 GMT; Max-Age=31536000; path=/ OFR=%7B%2218692%22%3A1%7D; expires=Mon, 25-Nov-2019 18:23:14 GMT; Max-Age=31104000; path=/ exsdsf=1543602194 pbk3=8cf5210cfe036973e419243097ae4fb76629720942577599031; expires=Fri, 30-Nov-2018 18:33:14 GMT; Max-Age=600 ltm_afu=1; expires=Sat, 01-Dec-2018 18:23:14 GMT; Max-Age=86400; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4724
Md5:    4a811483b6ab83fa5d11958d52f55fb3
Sha1:   df34493066364717065f8425028515ea9fe9baed
Sha256: fea05ea97c65ba1c7ee9fd71616a477fccda5a726be542307b2998271a7a5081
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 26 Nov 2018 15:06:03 GMT
Etag: B759EE520C52ED2C336A580647232DED8D82B124
X-OCSP-Responder-ID: (null)
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=246759
Expires: Mon, 03 Dec 2018 14:55:53 GMT
Date: Fri, 30 Nov 2018 18:23:14 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    8040583a8a993e91775ce130709806c6
Sha1:   b759ee520c52ed2c336a580647232ded8d82b124
Sha256: 6d46bd9f5e5b266e18b030b2b9578ba2a4c021edda1917c23756bbe1e8156ed9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 27 Nov 2018 14:14:26 GMT
Etag: 6FA6B179CD614FE8A160C41580E33CE71C547952
X-OCSP-Responder-ID: (null)
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=330063
Expires: Tue, 04 Dec 2018 14:04:17 GMT
Date: Fri, 30 Nov 2018 18:23:14 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    2104a67db4d344a5bfb3b37ad543a4f7
Sha1:   6fa6b179cd614fe8a160c41580e33ce71c547952
Sha256: ae4a997c6f6d517fa47a3454c746791e438388055f46ee8a43f81743d9809a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 27 Nov 2018 14:14:26 GMT
Etag: 553C8792AD0C3E0A9A992944F8D02F21397A4F4B
X-OCSP-Responder-ID: (null)
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=330074
Expires: Tue, 04 Dec 2018 14:04:28 GMT
Date: Fri, 30 Nov 2018 18:23:14 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    b1dd6bf93b975619ca9f8f915385a7af
Sha1:   553c8792ad0c3e0a9a992944f8d02f21397a4f4b
Sha256: 4638b368eed6bc1821c4631ef446139f80555f12500020a3b6716f43b7877cee
                                        
                                            GET /sc.php?zoneid=1241630&bannerid=2250973&OXLCA=1&clickid=92436909762023424 HTTP/1.1 
Host: trecurlik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://rotumal.com/4/1241630/

                                         
                                         88.85.66.185
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 30 Nov 2018 18:23:14 GMT
Content-Length: 43
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: SeenToday=1; expires=Sat, 01-Dec-2018 18:23:14 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 01-Dec-2018 18:23:14 GMT; Max-Age=86400; path=/ oaidts=1543602194; expires=Sat, 30-Nov-2019 18:23:14 GMT; Max-Age=31536000; path=/ OAID=1d5978d37b49dfb8c0768d6bc620e837; expires=Sat, 30-Nov-2019 18:23:14 GMT; Max-Age=31536000; path=/ _OXLCA[2250973]=pj0r2q-1241630; expires=Sun, 30-Dec-2018 18:23:14 GMT; Max-Age=2592000; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: rotumal.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1543602194; OAID=b567935e59a9945f3e7d01f3829177a3; OFR=%7B%2218692%22%3A1%7D; ltm_afu=1

                                         
                                         188.72.213.221
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 30 Nov 2018 18:23:15 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /?r=%2Fmb%2Fhan&pbk3=8cf5210cfe036973e419243097ae4fb76629720942577599031&empty=0&uuid=d7f86fcf-c0d3-4f95-8e98-c158eb4b81c6&ad_scheme=1&rotation_type=25&ppucounter=0&first_visit=0&on_test=1&offer_views=1&ab_test=2273&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&zoneid=1241630&x=1176&y=775&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=775&wfc=0&pl=https%3A%2F%2Frotumal.com%2F4%2F1241630%2F&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&hil=undefined&id=cfd089cc347e683a8c8b6e0dc1c88f2d&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&sf_type=1&timeout=0 HTTP/1.1 
Host: rotumal.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://rotumal.com/4/1241630/
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1543602194; OAID=b567935e59a9945f3e7d01f3829177a3; OFR=%7B%2218692%22%3A1%7D; ltm_afu=1

                                         
                                         188.72.213.221
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 30 Nov 2018 18:23:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=_WMxfpkefAKltkKnZhVdVDu_6xnDpYw-QurlBG6f94Q; expires=Fri, 07-Dec-2018 18:23:15 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 01-Dec-2018 18:23:15 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Sat, 01-Dec-2018 18:23:15 GMT; Max-Age=86400; path=/ ppucntstart=1543602195; expires=Sat, 01-Dec-2018 18:23:15 GMT; Max-Age=86400; path=/ allcnt=1; expires=Sat, 30-Nov-2019 18:23:15 GMT; Max-Age=31536000; path=/ OAID=b567935e59a9945f3e7d01f3829177a3; expires=Sat, 30-Nov-2019 18:23:15 GMT; Max-Age=31536000; path=/ OFR=%7B%2218692%22%3A1%2C%2220910%22%3A1%7D; expires=Mon, 25-Nov-2019 18:23:15 GMT; Max-Age=31104000; path=/ _OACCAP[1535558]=1; expires=Sat, 30-Nov-2019 18:23:15 GMT; Max-Age=31536000; path=/ _OACBLOCK[1535558]=1543602195; expires=Sun, 30-Dec-2018 18:23:15 GMT; Max-Age=2592000; path=/ _OXCCLK[1535558]=1; expires=Sat, 30-Nov-2019 18:23:15 GMT; Max-Age=31536000; path=/ _OXPCLK[153140]=1; expires=Sat, 30-Nov-2019 18:23:15 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://www.bravisimobravo.win/8e485ed4-04e4-40f0-b28a-7a4ad6dc6409?siteid=1241630&visitor_id=92436914694524928
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Wed, 28 Nov 2018 11:58:33 GMT
Etag: E39DEA51759D73A8166377B63ED8C41F7A81D063
X-OCSP-Responder-ID: (null)
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=408295
Expires: Wed, 05 Dec 2018 11:48:11 GMT
Date: Fri, 30 Nov 2018 18:23:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    111001747972edcd52b8734e8e8e3527
Sha1:   e39dea51759d73a8166377b63ed8c41f7a81d063
Sha256: 2c56c18d12aaed772e2a49db3a986546cd5131e28b73770aaf997faed2308836
                                        
                                            GET /8e485ed4-04e4-40f0-b28a-7a4ad6dc6409?siteid=1241630&visitor_id=92436914694524928 HTTP/1.1 
Host: www.bravisimobravo.win
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://rotumal.com/4/1241630/

                                         
                                         52.29.251.15
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Fri, 30 Nov 2018 18:23:16 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://free.everydaylookup.com/index.jhtml?partner=%5EBX1%5Exdm736&s1=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&s2=wL9SRUS903GU9QJI15INFFFE&s3=NO&s4=1241630
Pragma: no-cache
Set-Cookie: 8e485ed4-04e4-40f0-b28a-7a4ad6dc6409-v4=8e485ed4-04e4-40f0-b28a-7a4ad6dc6409;domain=www.bravisimobravo.win;path=/;HttpOnly cc-v4=kiSacEYNIVyJ97mRh6satF4n8Fu0rb%2F2ZbQ5B6ld%2BZEFY2iJOrWC4VVt6DVbxtXXQX4Og%2F4jjm%2BoGfzQvN0bFh1LJAK5jkEwnCfJQc2C8MewNIy7Esi9mV5lZ00%2FZCGzMHLuBLc0ZuA3Kg%2FSOMiskw%3D%3D;Max-Age=31536000;Expires=Sat, 30-Nov-2019 18:23:16 GMT;domain=www.bravisimobravo.win;path=/;HttpOnly


--- Additional Info ---
                                        
                                            GET /index.jhtml?partner=%5EBX1%5Exdm736&s1=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&s2=wL9SRUS903GU9QJI15INFFFE&s3=NO&s4=1241630 HTTP/1.1 
Host: free.everydaylookup.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         74.113.235.138
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 30 Nov 2018 18:23:15 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: DENY
P3P: CP='CURa ADMa DEVa PSA PSD OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Language: en-NO
Set-Cookie: userSegment=""; Domain=.everydaylookup.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ sessionData=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; Domain=.everydaylookup.com; Path=/ org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en_NO; Path=/ anx="xracl=BX1xdm736&xckoid=&xgds=&lv=1543602196236&adfi=&xad=&xmvte=&xmt=&add=&adc=&xit=&adn=&adm=&xlang=en&adp=&xmvtv=&xmvtt=&adt=&xose=&xckid=&xrm=&xrp=%5EBX1%5Exdm873%5ETTAB02%5Eno&xica=xdm736&xrs=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&xrt=TTAB02&adap=&xnt=dsl&xriad=&xft=&nv=1&fv=1543602196236&xuer=1&ob=-&oc=-&od=none&xgc=false&sn=dubprdsndlbfe2.dub.jabodo.com&ok=-&om=-&xrco=BX1&xrkw=&xrca=xdm873&op=-&xrcc=no&xsee=&os=-&surveyUrl=&xkw=&xtc=&g=-&xct=&xiad=&xbkw=&tbGuid=CDFB450B-DCFF-4D16-8785-DC2790923CF5&xg=&xeid=cpfeiadabjbeeceklgnhgidkenddajog&xh=8963&xi=MANUAL_OTHER&xtp=vhigh&adti=&xn=&xp=vicinio&xtt=template_responsive&xpp=%5EBX1%5Exdm873%5ETTAB02%5Eno&xs=41790&xt=rxs&xpt=&xu=&xcid=b20db049904d4082bc1ed1112159b4e1"; Version=1; Domain=.everydaylookup.com; Max-Age=7776000; Expires=Thu, 28-Feb-2019 18:23:16 GMT; Path=/ ltm-1d=rd119o00000000000000000000ffff0a904c3ao80; expires=Sat, 01-Dec-2018 18:22:43 GMT; path=/
Via: 1.1 www.mapsgalaxy.com
Connection: close
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   29858
Md5:    8d62c131609165aa06e307c8ea2f0110
Sha1:   d1543e9e637dede20a37bdb8599fb6ddf65d8084
Sha256: 86ee8c0472f812c41ba1b9bbab9b58e546f441d66e570cf4f27382f9998a55aa
                                        
GET /favicon.ico HTTP/1.1
Host: free.everydaylookup.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: sessionData=Icj9ZN8CTbVHvghlPz4CBpSYHn1HcwXIz7lMHvD9jsqgbrUCa5C0y7TPS55LaQlCxuQWljAedxSdh+SiFsGi4Et9zwod4kTBzvvOao3lomT5J8v4vQNQAIBJnfgkI3VA8lMR/vaVNCVGpwPAhoLNczMU3B0cIEwIGnxkHYxCb3guwQifoMztWxG/LdhV7UHUMqO2/r7tjMywYXQqWqsOLrSa+DDcndr9EM+Trb3RO4PTPF3IPkcqSicr7mJzepQBLjA4SbXvg9TwqQ0gCi8dSCuYEF8M+PgVxAmWqPuA08766IIfY1gxuSqUWv3bypeu2Tu6coHrdA2ZC556M+DqAlxjRfSoDCXrwN9IkGN+EmRSocwXXSEHjpjFwdcIWm5fIs2etGrfk7w2eNcIaIbHiK0piwyjCqsU8TAHErCZjNOek245lQVG1pBbxgohGAIQ4EabZSyJVxZAYyTAqPst93AnwhyGeE8wYDPm45NdbRkVymtGCwhWXDL30XKsHZTtmDwxbrrzecweruDi4UHokZVEeTuYzSql3uJ9WRFtFW3HoYyOamuepnq1+rXcRk8MJ2gxLNR8gJ7s9AdleQkYSh/hM45IdWQgxxqosF0CXkyncBwwGSezsgqzKIMOAdlSQStsXbzvJ+QpxWpNdk+5e3EZPFr6K8LOC4ir0/Z3RO2ks3EuSKdT2Y7d4JF05+LgnIEp0PAzHOPQ3EVGfEGbF13BnuVXICEQap9i15XdvI+bPdWDV36tJ1jupXvhKaGIFbFC8f4fOPHOnIo7jDVCvUUjgwSA6ICDLvdaLOgeWnd1FfnZ7YHLMtUVdRKHgIrSRQtvXFJZLZmgTPH6UIU/YIocP7YkwmYA4C8xvOLIo8UJT6bSFem6+m+XEl4tmaw8nrQLJApRRivmDgFLJGhFYNcv0FgyxMDBzqub8CMBSB5uwNfga0JOeEEOmd2CD0cy; org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en_NO; anx="xracl=BX1xdm736&xckoid=&xgds=&lv=1543602196236&adfi=&xad=&xmvte=&xmt=&add=&adc=&xit=&adn=&adm=&xlang=en&adp=&xmvtv=&xmvtt=&adt=&xose=&xckid=&xrm=&xrp=%5EBX1%5Exdm873%5ETTAB02%5Eno&xica=xdm736&xrs=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&xrt=TTAB02&adap=&xnt=dsl&xriad=&xft=&nv=1&fv=1543602196236&xuer=1&ob=-&oc=-&od=none&xgc=false&sn=dubprdsndlbfe2.dub.jabodo.com&ok=-&om=-&xrco=BX1&xrkw=&xrca=xdm873&op=-&xrcc=no&xsee=&os=-&surveyUrl=&xkw=&xtc=&g=-&xct=&xiad=&xbkw=&tbGuid=CDFB450B-DCFF-4D16-8785-DC2790923CF5&xg=&xeid=cpfeiadabjbeeceklgnhgidkenddajog&xh=8963&xi=MANUAL_OTHER&xtp=vhigh&adti=&xn=&xp=vicinio&xtt=template_responsive&xpp=%5EBX1%5Exdm873%5ETTAB02%5Eno&xs=41790&xt=rxs&xpt=&xu=&xcid=b20db049904d4082bc1ed1112159b4e1"; ltm-1d=rd119o00000000000000000000ffff0a904c3ao80

                                         
                                         74.113.235.138
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Fri, 30 Nov 2018 18:23:16 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
Etag: W/"894-1543515462000"
Last-Modified: Thu, 29 Nov 2018 18:17:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Via: 1.1 www.mapsgalaxy.com
Connection: close
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   241
Md5:    10af52d67c177dd2fc61524bd07cabca
Sha1:   37d1ecf0cff3542641d0fa2ad6f06319d32649ca
Sha256: c74f5beb2d7aa15817ecab15f17291f37764c39d3d68e387dd127890ccccd2c2
                                        
GET /unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported HTTP/1.1
Host: hp.myway.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://free.everydaylookup.com/index.jhtml?partner=%5EBX1%5Exdm736&s1=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&s2=wL9SRUS903GU9QJI15INFFFE&s3=NO&s4=1241630

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: Apache
X-Application-Context: application:prod:8081
Last-Modified: Fri, 14 Apr 2017 18:45:10 GMT
Etag: "be996e-fa3-54d24d74f1980"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1344
Expires: Fri, 30 Nov 2018 18:23:16 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 30 Nov 2018 18:23:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1344
Md5:    0a8720b569c0a80ca5111c4890d13f8a
Sha1:   4ce16481d2b0ca5ea50f34fd890fa5c7a567fac5
Sha256: 3f660794b724c1a26864d177f464247e4a4a3a8bdcb22ea9261e7ad37f4f688c
                                        
GET /images/anx/anemone-1.2.7.js HTTP/1.1
Host: ak.imgfarm.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://free.everydaylookup.com/index.jhtml?partner=%5EBX1%5Exdm736&s1=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&s2=wL9SRUS903GU9QJI15INFFFE&s3=NO&s4=1241630

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Mon, 08 Jul 2013 20:02:48 GMT
Etag: "774114-a236-4e105874e8a00"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11189
Cache-Control: max-age=77963
Expires: Sat, 01 Dec 2018 16:02:40 GMT
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   11189
Md5:    d2f16e380014cd3ce341161b73bb9e3a
Sha1:   581a611c048a317b483a0a019b77de3f8621a69a
Sha256: 2e16b12f9fd4166c8e71cd59b882807cfd5d3d017f15a16fff53286e701ff934

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /unsupported/myway/styles/8c8a8c1a.app.css HTTP/1.1
Host: hp.myway.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: text/css;charset=utf-8
                                        
Server: Apache
X-Application-Context: application:prod:8081
Last-Modified: Fri, 14 Apr 2017 18:45:11 GMT
Etag: "be9970-11e4-54d24d75e5bc0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1320
Expires: Fri, 30 Nov 2018 18:23:17 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1320
Md5:    7067cf74d0b71cfeda9d97e5b1328a79
Sha1:   69d49b1e5e419c6d7637d5adac909e8e92510ba3
Sha256: 0389282e062e4f42e1e84459a75d5f031eed83dacbd79a76c091fb3d2fc2280c
                                        
GET /unsupported/myway/scripts/4e6ca3d5.app.js HTTP/1.1
Host: hp.myway.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: Apache
X-Application-Context: application:prod:8081
Last-Modified: Fri, 14 Apr 2017 18:45:11 GMT
Etag: "be9972-6270-54d24d75e5bc0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7790
Expires: Fri, 30 Nov 2018 18:23:17 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7790
Md5:    2b0a47209489eec4a89768b918681246
Sha1:   99bde60b9744ce9923df49aa6aea9d6a53ea121c
Sha256: 512e5061cc4f163411e69f52438fbd3fb94a1526d4f07952b92911978a778a8d
                                        
GET /images/webtooltab/chiclets/chromeinstall.png HTTP/1.1
Host: akz.imgfarm.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 06 Apr 2017 14:16:20 GMT
Etag: "6f62a7-d71-2727d500"
Accept-Ranges: bytes
Content-Length: 3441
Cache-Control: max-age=263246083
Expires: Sun, 04 Apr 2027 14:18:00 GMT
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 43 x 43, 8-bit/color RGBA, non-interlaced
Size:   3441
Md5:    536faf1a976f41810d17399800ff20d2
Sha1:   1aac76d1a968392c3eedd84ce25c4dda6e8d4a75
Sha256: 85bcdd2eb3d0e03b18242cfd1fff0224c2c60b7b83ddf48221870a9f039e8d51
                                        
GET /images/vicinio/chrome/spent/images/favicon/__COBRAND__.ico HTTP/1.1
Host: akz.imgfarm.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Last-Modified: Mon, 13 Jun 2016 04:00:00 GMT
Etag: "a109e3-47e-ec1b7000"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=237548202
Expires: Thu, 11 Jun 2026 03:59:59 GMT
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    cc9becf51e20cba5c8a0bd600e1dc588
Sha1:   81c38090b7e51988227a63afe82816d0273f9749
Sha256: 65018cf229b50ef80816ffd62865b7a1c71ad9f1ce9a7c0ae898b87b8ed683d9
                                        
GET /images/webtooltab/search/google.png HTTP/1.1
Host: akz.imgfarm.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Tue, 01 Dec 2015 15:54:44 GMT
Etag: "3d2bcd-d8a-2d233900"
Accept-Ranges: bytes
Content-Length: 3466
Cache-Control: max-age=220743122
Expires: Fri, 28 Nov 2025 15:55:19 GMT
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 97 x 33, 8-bit/color RGBA, non-interlaced
Size:   3466
Md5:    953f6562d9c856bbe67943b342ef3812
Sha1:   423d9ef5d57b4c8b318103b2bbc4e5be8359800a
Sha256: 089f2a53201e9ec91ba795d1c4a785b4c61b819702761436396d3380ff7015c4
                                        
GET /images/webtooltab/assets/myway.png HTTP/1.1
Host: akz.imgfarm.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Wed, 27 Apr 2016 19:14:11 GMT
Etag: "97207b-1a43-36f0a6c0"
Accept-Ranges: bytes
Content-Length: 6723
Cache-Control: max-age=233542232
Expires: Sat, 25 Apr 2026 19:13:49 GMT
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 156 x 36, 8-bit/color RGBA, non-interlaced
Size:   6723
Md5:    522f52df77af55b88144d6d1a8056df8
Sha1:   77cd1afa0f072b70de215b5b0fab562fbc9a98f3
Sha256: 2a3c8d7f7c0e9957c0a615558839d535423fbd7b9babd5edf46a828d211aac7c
                                        
GET /images/webtooltab/chiclets/firefoxinstall.png HTTP/1.1
Host: akz.imgfarm.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         95.101.174.236
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 06 Apr 2017 14:16:14 GMT
Etag: "6f62a8-df1-26cc4780"
Accept-Ranges: bytes
Content-Length: 3569
Cache-Control: max-age=263245939
Expires: Sun, 04 Apr 2027 14:15:36 GMT
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 43 x 43, 8-bit/color RGBA, non-interlaced
Size:   3569
Md5:    755905933d8c299437cdad1f07cd3f3f
Sha1:   ff71686d372c5e29cafda3ea1aff551b20405947
Sha256: 23adfa67077f73c4b3ad84cdf45423f3b3cb9b3f8a0d1e4d1f2516ce3a264f1f
                                        
GET /anx.gif?anxuu=03E63A22-2858-44C4-8359-AC518CE5DE15&anxa=WebTooltab&anxv=Wtt-Unsupported-Page-1.0.0&anxd=-&anxsn=&anxu=http%3A%2F%2Fhp.myway.com%2Funsupported%2Fmyway%2Findex.html&anxlv=0&anxrd=free.everydaylookup.com&anxrp=index.jhtml&anxrk=-&anxrm=referral&anxrb=-&anxrc=-&anxrs=-&anxsq=2&pageType=tab&anxe=PageView&anxr=2117468322 HTTP/1.1
Host: anx.tb.ask.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         74.113.233.187
HTTP/1.1 204 No Content
                                        
Server: nginx/1.0.10
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, max-age=0


--- Additional Info ---
                                        
GET /images/webtooltab/assets/logos/%5EBX1%5Exdm873%5ETTAB02%5Eno.png HTTP/1.1
Host: akz.imgfarm.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hp.myway.com/unsupported/myway/index.html?p2=%5EBX1%5Exdm873%5ETTAB02%5Eno&n=7849F5F5&ptb=CDFB450B-DCFF-4D16-8785-DC2790923CF5&si=vol_9225325b-0778-4b3a-80bd-ad6f5b882333&rd=unsupported

                                         
                                         95.101.174.236
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Content-Length: 363
Date: Fri, 30 Nov 2018 18:23:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   363
Md5:    3a902151b81b56c0906618db35b4a41a
Sha1:   26542a5ba9962cd36a879fd5a2b39929b2a419ea
Sha256: 5649553cf0651b59c0d0deb62561186eff8db87a4dacb40018d9e7beb5ced84e
                                        
GET /favicon.ico HTTP/1.1
Host: rotumal.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1543602194; OAID=b567935e59a9945f3e7d01f3829177a3; OFR=%7B%2218692%22%3A1%2C%2220910%22%3A1%7D; ltm_afu=1; f3d5bb63c9dbdcfb475795d659c65a4e=_WMxfpkefAKltkKnZhVdVDu_6xnDpYw-QurlBG6f94Q; ppucnt=1; ppucntstart=1543602195; allcnt=1; _OACCAP[1535558]=1; _OACBLOCK[1535558]=1543602195; _OXCCLK[1535558]=1; _OXPCLK[153140]=1

                                         
                                         188.72.213.221
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 30 Nov 2018 18:23:18 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---