0% found this document useful (0 votes)

55 views

Untitled

URL IP AS22489 Castle Access Inc Location Report completed Status Report complete. UrlQuery alerts No alerts detected Settings UserAgent Referer Pool Access Level public Intrusion Detection Systems Suricata / w Emerging Threats Pro Tim S Des Sou est ev tina rce am eri tion IP p ty IP 201 4-11 -07 1 05:3 3:25 Alert BROWSER-IE Microsoft Internet Explorer XSLT memory

Uploaded by

api-270543119

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

55 views

Untitled

Uploaded by

api-270543119

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 20

Overview

URL

cainsmedbilling.com/

69.43.161.164

ASN

AS22489 Castle Access Inc

Location

Australia

Report
completed

2014-11-07 05:33:55 CET

Status

Report complete.

urlQuery Alerts

No alerts detected

Settings
UserAgent

Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/4.0; InfoPath.2; SV1; .NET CLR
2.0.50727; WOW64)

Referer
Pool
Access Level

public

Intrusion Detection Systems

Snort /w
Sourcefire VRT

Suricata /w
Emerging
Threats Pro

Tim S
Des
Sou
est ev
tina
rce
am eri
tion
IP
p
ty
IP
201
4-11
-07 1
05:3
3:25

urlQ
141. uery
8.22 Clie
4.79 nt

Alert
BROWSER-IE
Microsoft Internet
Explorer XSLT
memory corruption
attempt

No alerts detected

Blacklists
Fortinet's Web
Filter /
fortiguard.com

No alerts detected

DNS-BH /
malwaredomain No alerts detected
s.com
PhishTank /
phishtank.com

No alerts detected

Spamhaus DBL No alerts detected

/ spamhaus.org

Files Captured
Suricata IDS

No files captured

Recent reports on same IP/ASN/Domain

Last 1 reports on IP: 69.43.161.164
Date

UQ /
IDS /
BL

URL

2014-100-030
0
12:56:07

777inter.net

69.43.16
1.164

Last 6 reports on ASN: AS22489 Castle Access Inc

Date

UQ /
IDS /
BL

URL

2014-110-008
0
23:23:02

tweetprocesor.com

69.43.16
0.163

2014-110-007
0
19:43:11

vfcu.com

69.43.16
0.151

2014-110-107
0
14:20:29

romance-site.com/

69.43.16
1.180

2014-110-007
0
14:18:19

fsr.dlinkddns.org

69.43.16
1.162

2014-110-007
0
03:27:16

appinstudent.com

69.43.16
1.174

2014-110-207
0
02:48:20

leenaenterprises.com/img/logo.gif?189a6=302322

69.43.16
1.171

JavaScript
Executed Scripts (26)
Executed Evals (1)
#1 JavaScript::Eval (size: 7912, repeated: 1)
({
"name": "master-1",
"slave-1-1": {
"clicktrackUrl":
"http://ww41.cainsmedbilling.com/rg-cltrack.php?&gr=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fgoogle.com%2F%3FRMGcaf%26
1415334804&gm=%2Bkco7TTyoqI4c43QfHDQ4pqlnqp6WFH0SAO3oC8z7445VkYJkgVaxJV52%2FK5T
WjmS%2FIisWxiykYPBUNZjyEepzcQEWh7ww25aeMVWzYRphJV8TwB6OqZEyLoJ63bGl00Pz2hk7SITrt
hf5t%2F6hKeGzNSz4Gmh1bPLUDpok7ICM6KSgv8ceKTdpnPgVvNFFYu&gc=1117162880404930418391
7&gi=vN2iaPKnIMq469YWSJ6iuS13NRNn%2F9jQM4Gd%2FPX3ApR3JeM0zNLoXZc80v160xLKCG%2FX
ea6%2Fi9MCK0aHJhrLsTBhCGFKFca2%2FJadJDXQIXWfs7C844m6Tpuq1IvyV2kmwId50FyEndoea3Gw

DoRpdr%2Fe0OXItP3BC83Lp8abPA5Sgy3qnqrZvc61kuZ8Aa%2Bs7NZxzoO7FQQkPPyGEwuZW6Xgbef
%2FzD2mpnrD5kryLPYCwbpwWb%2F9BwxWf9ag65OGEicYqd%2FyZ7OP%2BpqtLmVAYnlKLNek3pW
mTO5OmaHz1kLH57w%2BNauvB6HbQCYcvzFc",
"container": "searchbox",
"linkTarget": "_blank",
"lines": 3,
"colorBackground": "transparent",
"colorAttribution": "#72716f",
"fontFamily": "verdana",
"fontFamilyAttribution": "arial",
"fontSizeTitle": 18,
"fontSizeDescription": 14,
"fontSizeDomainLink": 16,
"fontSizeAttribution": "13px",
"fontSizePlusOnes": 13,
"fontSizeLocation": 13,
"adIconPageLocation": "ad-left",
"adIconLocation": "ad-left",
"plaFormat": "twoColumn",
"resultsPageBaseUrl":
"http://ww41.cainsmedbilling.com/?ga=CWkwcImcXUqhLjP4DvD3D1%2FPTQ2NX4DMe9u5DYJLKJs%2B
rHEB%2BHN54OJyIPkeDF1ILGNy%2F0XoAVKjOr5DFvpT%2FiO7U33EeQ3YrnzNMsNIViuwwP6CnsA%2
B3pHHjnEjM7E1vfY1Yv43wTihIjf9%2Bhn68pLPCPWetjQqk4TRdPdbnojKxSDhGqwxx9cHSiUni%2BuBRXy
AIPFnjatxd%2BUN3gU08w%3D%3D&gqsg=FSSOBizavm3rvoQ4CVVi6G%2B2gHQJxEjrdOTi1c%2Bsixpe
uizMZJFWQlPA6WB%2B0coM&maxads=0&gerf=H620eEcxyAk0vKc8LwzBDJg4pwNnfGYTCOMi%2B%2
BoVoyk%3D&",
"type": "searchbox",
"columns": 1,
"horizontalAlignment": "left",
"resultsPageQueryParam": "query",
"hideSearchInputBorder": false,
"hideSearchButtonBorder": false,
"colorSearchButton": "#e2e2e2",
"widthSearchInput": 215,
"fontSizeSearchInput": 16,
"fontSizeSearchButton": 13,
"searchBoxMethod": "get"
},
"slave-2-1": {
"clicktrackUrl":
"http://ww41.cainsmedbilling.com/rg-cltrack.php?&gr=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fgoogle.com%2F%3FRMGcaf%26
1415334804&gm=%2Bkco7TTyoqI4c43QfHDQ4pqlnqp6WFH0SAO3oC8z7445VkYJkgVaxJV52%2FK5T
WjmS%2FIisWxiykYPBUNZjyEepzcQEWh7ww25aeMVWzYRphJV8TwB6OqZEyLoJ63bGl00Pz2hk7SITrt
hf5t%2F6hKeGzNSz4Gmh1bPLUDpok7ICM6KSgv8ceKTdpnPgVvNFFYu&gc=1117162880404930418391
7&gi=vN2iaPKnIMq469YWSJ6iuS13NRNn%2F9jQM4Gd%2FPX3ApR3JeM0zNLoXZc80v160xLKCG%2FX
ea6%2Fi9MCK0aHJhrLsTBhCGFKFca2%2FJadJDXQIXWfs7C844m6Tpuq1IvyV2kmwId50FyEndoea3Gw
DoRpdr%2Fe0OXItP3BC83Lp8abPA5Sgy3qnqrZvc61kuZ8Aa%2Bs7NZxzoO7FQQkPPyGEwuZW6Xgbef
%2FzD2mpnrD5kryLPYCwbpwWb%2F9BwxWf9ag65OGEicYqd%2FyZ7OP%2BpqtLmVAYnlKLNek3pW
mTO5OmaHz1kLH57w%2BNauvB6HbQCYcvzFc",
"container": "rs",
"linkTarget": "_blank",
"verticalSpacing": 8,
"lines": 3,

"colorTitleLink": "#079ce9",
"colorBackground": "transparent",
"colorAttribution": "#999",
"fontFamily": "Arial",
"fontFamilyAttribution": "arial",
"fontSizeTitle": "14px",
"fontSizeDescription": 14,
"fontSizeDomainLink": 16,
"fontSizeAttribution": "13px",
"fontSizePlusOnes": 13,
"fontSizeLocation": 13,
"titleBold": false,
"rolloverLinkColor": "#00c800",
"noTitleUnderline": false,
"adIconPageLocation": "ad-left",
"adIconUrl": "http://afs.googleusercontent.com/dp-rookmedia/blublack-arrow-v1.gif",
"adIconWidth": 19,
"adIconHeight": 18,
"adIconLocation": "ad-left",
"adIconSpacingAbove": 4,
"adIconSpacingBefore": 10,
"adIconSpacingAfter": 10,
"lineHeightTitle": 26,
"plaFormat": "twoColumn",
"attributionSpacingBelow": 10,
"resultsPageBaseUrl":
"http://ww41.cainsmedbilling.com/?ga=CWkwcImcXUqhLjP4DvD3D1%2FPTQ2NX4DMe9u5DYJLKJs%2B
rHEB%2BHN54OJyIPkeDF1ILGNy%2F0XoAVKjOr5DFvpT%2FiO7U33EeQ3YrnzNMsNIViuwwP6CnsA%2
B3pHHjnEjM7E1vfY1Yv43wTihIjf9%2Bhn68pLPCPWetjQqk4TRdPdbnojKxSDhGqwxx9cHSiUni%2BuBRXy
AIPFnjatxd%2BUN3gU08w%3D%3D&gqsg=FSSOBizavm3rvoQ4CVVi6G%2B2gHQJxEjrdOTi1c%2Bsixpe
uizMZJFWQlPA6WB%2B0coM&maxads=0&gerf=H620eEcxyAk0vKc8LwzBDJg4pwNnfGYTCOMi%2B%2
BoVoyk%3D&",
"type": "relatedsearch",
"columns": 1,
"horizontalAlignment": "left",
"resultsPageQueryParam": "query",
"searchBoxMethod": "get",
"attributionBold": true
},
"slave-3-1": {
"clicktrackUrl":
"http://ww41.cainsmedbilling.com/rg-cltrack.php?&gr=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fgoogle.com%2F%3FRMGcaf%26
1415334804&gm=%2Bkco7TTyoqI4c43QfHDQ4pqlnqp6WFH0SAO3oC8z7445VkYJkgVaxJV52%2FK5T
WjmS%2FIisWxiykYPBUNZjyEepzcQEWh7ww25aeMVWzYRphJV8TwB6OqZEyLoJ63bGl00Pz2hk7SITrt
hf5t%2F6hKeGzNSz4Gmh1bPLUDpok7ICM6KSgv8ceKTdpnPgVvNFFYu&gc=1117162880404930418391
7&gi=vN2iaPKnIMq469YWSJ6iuS13NRNn%2F9jQM4Gd%2FPX3ApR3JeM0zNLoXZc80v160xLKCG%2FX
ea6%2Fi9MCK0aHJhrLsTBhCGFKFca2%2FJadJDXQIXWfs7C844m6Tpuq1IvyV2kmwId50FyEndoea3Gw
DoRpdr%2Fe0OXItP3BC83Lp8abPA5Sgy3qnqrZvc61kuZ8Aa%2Bs7NZxzoO7FQQkPPyGEwuZW6Xgbef
%2FzD2mpnrD5kryLPYCwbpwWb%2F9BwxWf9ag65OGEicYqd%2FyZ7OP%2BpqtLmVAYnlKLNek3pW
mTO5OmaHz1kLH57w%2BNauvB6HbQCYcvzFc",
"container": "footermenu",
"linkTarget": "_blank",
"lines": 3,

"colorTitleLink": "#079ce9",
"colorBackground": "transparent",
"colorAttribution": "#999",
"fontFamily": "verdana",
"fontFamilyAttribution": "Arial",
"fontSizeTitle": "14px",
"fontSizeDescription": 14,
"fontSizeDomainLink": 16,
"fontSizeAttribution": "13px",
"fontSizePlusOnes": 13,
"fontSizeLocation": 13,
"titleBold": false,
"rolloverLinkColor": "#00c800",
"noTitleUnderline": false,
"adIconPageLocation": "ad-left",
"adIconLocation": "ad-left",
"lineHeightTitle": 20,
"plaFormat": "twoColumn",
"resultsPageBaseUrl":
"http://ww41.cainsmedbilling.com/?ga=CWkwcImcXUqhLjP4DvD3D1%2FPTQ2NX4DMe9u5DYJLKJs%2B
rHEB%2BHN54OJyIPkeDF1ILGNy%2F0XoAVKjOr5DFvpT%2FiO7U33EeQ3YrnzNMsNIViuwwP6CnsA%2
B3pHHjnEjM7E1vfY1Yv43wTihIjf9%2Bhn68pLPCPWetjQqk4TRdPdbnojKxSDhGqwxx9cHSiUni%2BuBRXy
AIPFnjatxd%2BUN3gU08w%3D%3D&gqsg=FSSOBizavm3rvoQ4CVVi6G%2B2gHQJxEjrdOTi1c%2Bsixpe
uizMZJFWQlPA6WB%2B0coM&maxads=0&gerf=H620eEcxyAk0vKc8LwzBDJg4pwNnfGYTCOMi%2B%2
BoVoyk%3D&",
"type": "relatedsearch",
"columns": 1,
"columnSpacing": 10,
"horizontalFlow": true,
"horizontalAlignment": "left",
"resultsPageQueryParam": "query",
"searchBoxMethod": "get",
"attributionBold": true
},
"master-1": {
"clicktrackUrl":
"http://ww41.cainsmedbilling.com/rg-cltrack.php?&gr=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fgoogle.com%2F%3FRMGcaf%26
1415334804&gm=%2Bkco7TTyoqI4c43QfHDQ4pqlnqp6WFH0SAO3oC8z7445VkYJkgVaxJV52%2FK5T
WjmS%2FIisWxiykYPBUNZjyEepzcQEWh7ww25aeMVWzYRphJV8TwB6OqZEyLoJ63bGl00Pz2hk7SITrt
hf5t%2F6hKeGzNSz4Gmh1bPLUDpok7ICM6KSgv8ceKTdpnPgVvNFFYu&gc=1117162880404930418391
7&gi=vN2iaPKnIMq469YWSJ6iuS13NRNn%2F9jQM4Gd%2FPX3ApR3JeM0zNLoXZc80v160xLKCG%2FX
ea6%2Fi9MCK0aHJhrLsTBhCGFKFca2%2FJadJDXQIXWfs7C844m6Tpuq1IvyV2kmwId50FyEndoea3Gw
DoRpdr%2Fe0OXItP3BC83Lp8abPA5Sgy3qnqrZvc61kuZ8Aa%2Bs7NZxzoO7FQQkPPyGEwuZW6Xgbef
%2FzD2mpnrD5kryLPYCwbpwWb%2F9BwxWf9ag65OGEicYqd%2FyZ7OP%2BpqtLmVAYnlKLNek3pW
mTO5OmaHz1kLH57w%2BNauvB6HbQCYcvzFc",
"container": "ads",
"linkTarget": "_blank",
"verticalSpacing": 2,
"lines": 3,
"colorAdBorder": "#303030",
"colorText": "#868686",
"colorTitleLink": "#fff",
"colorDomainLink": "#079CE9",

"colorBackground": "transparent",
"colorAttribution": "#999",
"fontFamily": "Arial",
"fontFamilyAttribution": "arial",
"fontSizeTitle": "22px",
"fontSizeDescription": "16px",
"fontSizeDomainLink": "16px",
"fontSizeAttribution": "13px",
"fontSizePlusOnes": 13,
"fontSizeLocation": 13,
"rolloverLinkColor": "#00c800",
"noTitleUnderline": false,
"attributionText": "Ads",
"adBorderSelections": "bottom",
"adIconPageLocation": "ad-left",
"adIconUrl": "http://afs.googleusercontent.com/dp-rookmedia/blublack-arrow-v2.gif",
"adIconWidth": 14,
"adIconHeight": 23,
"adIconLocation": "ad-left",
"adIconSpacingAbove": 9,
"adIconSpacingBefore": 10,
"adIconSpacingAfter": 10,
"lineHeightTitle": 30,
"lineHeightDescription": 28,
"lineHeightDomainLink": 28,
"plaFormat": "twoColumn",
"resultsPageBaseUrl":
"http://ww41.cainsmedbilling.com/?ga=CWkwcImcXUqhLjP4DvD3D1%2FPTQ2NX4DMe9u5DYJLKJs%2B
rHEB%2BHN54OJyIPkeDF1ILGNy%2F0XoAVKjOr5DFvpT%2FiO7U33EeQ3YrnzNMsNIViuwwP6CnsA%2
B3pHHjnEjM7E1vfY1Yv43wTihIjf9%2Bhn68pLPCPWetjQqk4TRdPdbnojKxSDhGqwxx9cHSiUni%2BuBRXy
AIPFnjatxd%2BUN3gU08w%3D%3D&gqsg=FSSOBizavm3rvoQ4CVVi6G%2B2gHQJxEjrdOTi1c%2Bsixpe
uizMZJFWQlPA6WB%2B0coM&maxads=0&gerf=H620eEcxyAk0vKc8LwzBDJg4pwNnfGYTCOMi%2B%2
BoVoyk%3D&",
"type": "ads",
"columns": 1,
"horizontalAlignment": "left",
"resultsPageQueryParam": "query",
"searchBoxMethod": "get",
"attributionBold": true
}
})

Executed Writes (1)

#1 JavaScript::Write (size: 143, repeated: 2)
<script
src="//www.google.com/ads/search/module/ads/1.0/f989be5a68c10802dc25c103b04bdec3aa0777d4/n/d
omains.js"
type="text/javascript">
</script>

HTTP Transactions (21)

Request

Response

GET / HTTP/1.1
Host: cainsmedbilling.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept:
text/html,application/xhtml+xml,application/x
ml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
GET /rmgpsc/7867/logo1.png HTTP/1.1
Host: d.rmgserving.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate

69.43.161.164
HTTP/1.0 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Nov 2014 04:33:23 GMT
Server: Apache
X-Powered-By: PHP/5.3.3-7+squeeze22
Location: http://ww41.cainsmedbilling.com/
Content-Length: 0
Connection: keep-alive

195.159.219.19
HTTP/1.0 200 OK
Content-Type: image/png
Server: nginx
Content-Length: 5019
Accept-Ranges: bytes
Last-Modified: Wed, 17 Jul 2013 12:37:08
GMT
Etag: "51e68ff4-139b"
Cache-Control: public, max-age=83918
Expires: Sat, 08 Nov 2014 00:54:41 GMT

Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/

GET /adsense/domains/caf.js HTTP/1.1

Host: www.google.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/

GET
/ads/search/module/ads/1.0/f989be5a68c1
0802dc25c103b04bdec3aa0777d4/n/dom
ains.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/

Date: Fri, 07 Nov 2014 01:36:03 GMT

Age: 10642
Connection: keep-alive

74.125.232.240
HTTP/1.0 200 OK
Content-Type: text/javascript;
charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 07 Nov 2014 04:33:25 GMT
Expires: Fri, 07 Nov 2014 04:33:25 GMT
Cache-Control: private, max-age=3600
X-Content-Type-Options: nosniff
Content-Disposition: attachment;
filename="f.txt"
Content-Encoding: gzip
Server: amfe
Content-Length: 215
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alternate-Protocol: 80:quic,p=0.01
Connection: keep-alive
74.125.232.240
HTTP/1.0 200 OK
Content-Type: text/javascript;
charset=UTF-8
Vary: Accept-Encoding
Date: Thu, 06 Nov 2014 14:14:20 GMT
Expires: Fri, 06 Nov 2015 14:14:20 GMT
Cache-Control: public,
max-age=31536000
Etag:
"mf989be5a68c10802dc25c103b04b
dec3aa0777d4"
X-Content-Type-Options: nosniff
Content-Disposition: attachment;
filename="f.txt"
Content-Encoding: gzip
Server: amfe
Content-Length: 59917
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

Alternate-Protocol: 80:quic,p=0.01
Age: 51545
Connection: keep-alive
GET /rmgpsc/7867/body-bg.gif HTTP/1.1
Host: d.rmgserving.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/
GET /rmgpsc/7867/header-bg.jpg
HTTP/1.1
Host: b.rmgserving.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/
GET /rmgpsc/7867/header-bg.jpg
HTTP/1.1
Host: a.rmgserving.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)

195.159.219.19
HTTP/1.0 200 OK
Content-Type: image/gif
Server: nginx
Content-Length: 1330
Last-Modified: Thu, 11 Jul 2013 12:19:05
GMT
Etag: "51dea2b9-532"
Accept-Ranges: bytes
Cache-Control: public, max-age=73725
Expires: Sat, 08 Nov 2014 00:55:11 GMT
Date: Fri, 07 Nov 2014 04:26:26 GMT
Age: 419
Connection: keep-alive

195.159.219.9
HTTP/1.0 200 OK
Content-Type: image/jpeg
Server: nginx
Content-Length: 12805
Accept-Ranges: bytes
Last-Modified: Thu, 11 Jul 2013 12:19:08
GMT
Etag: "51dea2bc-3205"
Cache-Control: public, max-age=81632
Expires: Sat, 08 Nov 2014 00:54:40 GMT
Date: Fri, 07 Nov 2014 02:14:08 GMT
Age: 8357
Connection: keep-alive

195.159.219.19
HTTP/1.0 200 OK
Content-Type: image/jpeg
Server: nginx
Content-Length: 12805
Last-Modified: Thu, 11 Jul 2013 12:19:08
GMT
Etag: "51dea2bc-3205"

Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/

GET / HTTP/1.1
Host: ww41.cainsmedbilling.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept:
text/html,application/xhtml+xml,application/x
ml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

GET /rmgdsc/newcaf.js?5.1 HTTP/1.1

Host: a.rmgserving.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: */*

Accept-Ranges: bytes
Cache-Control: public, max-age=73275
Expires: Sat, 08 Nov 2014 00:54:40 GMT
Date: Fri, 07 Nov 2014 04:33:25 GMT
Connection: keep-alive

141.8.224.79
HTTP/1.0 200 OK
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Nov 2014 04:33:24 GMT
Server: Apache
Set-Cookie:
gvc=917vr1628804048404183;
expires=Wed, 06-Nov-2019 04:33:24
GMT; path=/;
domain=ww41.cainsmedbilling.com;
httponly
Cache-Control: no-store, no-cache,
must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
X-Adblock-Key:
MFwwDQYJKoZIhvcNAQEBBQADSwAwS
AJBAKrfIMFkSaoTSqKmC+BrghK0CpDHc
0MuVzmMHin8LIORhpXbped+iYhSnZurW
nEO0zcKcVIrzp026LVc5pMB9bUCAwEAA
Q==_eHs+TY7yVEXdXGTfrFCJ2B/D4Eh0
qXy5IYr/LO7HQf1Usgv5KM9yb983Kf5NP
Zphn14fPfAORB3+uOpwKaFzvA==
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6699
Connection: keep-alive
195.159.219.19
HTTP/1.0 200 OK
Content-Type: application/x-javascript
Server: nginx
Content-Length: 8424
Last-Modified: Thu, 26 Jun 2014 07:13:55
GMT
Etag: "53abc833-20e8"

Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/

Accept-Ranges: bytes
Cache-Control: public, max-age=30903
Expires: Fri, 07 Nov 2014 13:08:28 GMT
Date: Fri, 07 Nov 2014 04:33:25 GMT
Connection: keep-alive

GET /static/caf/slave.html HTTP/1.1

Host: dp.g.doubleclick.net

173.194.112.205
HTTP/1.0 200 OK
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Wed, 18 Sep 2013
22:34:18 GMT
Content-Length: 706
Cache-Control: public, max-age=3600
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Google-Cookies-Blocked: test_cookie=
Date: Fri, 07 Nov 2014 03:34:56 GMT
Expires: Fri, 07 Nov 2014 04:34:56 GMT
Server: GFE/2.0
Alternate-Protocol: 80:quic,p=0.01
Age: 3508
Connection: keep-alive

User-Agent: Mozilla/5.0 (compatible; MSIE

10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept:
text/html,application/xhtml+xml,application/x
ml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/
GET
/domainads/tracking/caf.gif?ts=141533480
5221&rid=3594178 HTTP/1.1
Host: www.gstatic.com
GET
/domainads/tracking/caf.gif?ts=141533480
5221&rid=3594178 HTTP/1.1
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115

173.194.112.215
HTTP/1.0 200 OK
Content-Type: image/gif
Last-Modified: Fri, 01 Jun 2012 22:49:22
GMT
Date: Fri, 07 Nov 2014 04:33:25 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 43
X-XSS-Protection: 1; mode=block
Alternate-Protocol: 80:quic,p=0.01
Connection: keep-alive

Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/
GET
/apps/domainpark/domainpark.cgi?max_ra
dlink_len=40&r=m&fexp=21404&domain_n
ame=cainsmedbilling.com&client=dp-rookm
edia31_3ph_js&channel=030033&hl=no&a
dtest=off&type=0&kw=cains%2Bmed%2Bb
illing&drid=as-drid-2119573669289142&o
e=UTF-8&ie=UTF-8&format=p5%7Cs%7
Cr8%7Cr3&ad=a5&adrep=2&num=0&outp
ut=caf&v=3&allwcallad=1&adext=as1%2Cs
r1%2Cctc1&u_his=1&u_tz=60&dt=141533
4805231&u_w=1176&u_h=885&biw=1176
&bih=775&psw=1176&psh=282&frm=0&ui
o=uv3cs1ff1sa13fa2sl1sr1cc1-af3ff2st22s
d16sv16lt30ld28lv28--ff2st14lt26-fa2st14lt
20&rurl=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fww41.cainsmed
billing.com%2F HTTP/1.1
Host: dp.g.doubleclick.net
GET
/apps/domainpark/domainpark.cgi?max_ra
dlink_len=40&r=m&fexp=21404&
amp;domain_name=cainsmedbilling.com&a
mp;client=dp-rookmedia31_3ph_js&ch
annel=030033&hl=no&adtest=off
&type=0&kw=cains%2Bmed%2B
billing&drid=as-drid-21195736692891
42&oe=UTF-8&ie=UTF-8&f
ormat=p5%7Cs%7Cr8%7Cr3&ad=a5
&adrep=2&num=0&output=c
af&v=3&allwcallad=1&adext
=as1%2Csr1%2Cctc1&u_his=1&amp
;u_tz=60&dt=1415334805231&u
_w=1176&u_h=885&biw=1176&
amp;bih=775&psw=1176&psh=2
82&frm=0&uio=uv3cs1ff1sa13fa
2sl1sr1cc1-af3ff2st22sd16sv16lt30ld28lv2
8--ff2st14lt26-fa2st14lt20&rurl=http%
3A%2F%2Fww41.cainsmedbilling.com%2F
HTTP/1.1
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;

173.194.112.205
HTTP/1.0 200 OK
Content-Type: text/html; charset=UTF-8
P3P:
policyref="http://googleads.g.doublecli
ck.net/pagead/gcn_p3p_.xml",
CP="CURa ADMa DEVa TAIo PSAo
PSDo OUR IND UNI PUR INT DEM STA
PRE COM NAV OTC NOI DSP
COR"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 07 Nov 2014 04:33:25 GMT
Server: domainserver
Cache-Control: private
Content-Length: 3689
X-XSS-Protection: 1; mode=block
Alternate-Protocol: 80:quic,p=0.01
Set-Cookie:
test_cookie=CheckForPermission;
expires=Fri, 07-Nov-2014 04:48:25 GMT;
path=/; domain=.doubleclick.net
Expires: Fri, 07 Nov 2014 04:33:25 GMT
Connection: keep-alive

InfoPath.2; SV1; .NET CLR 2.0.50727;

WOW64)
Accept:
text/html,application/xhtml+xml,application/x
ml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/
GET
/favicon?q=tbn:ANd9GcTUIVliBcUfYAiz-CVPAzg0a8uddhrZwGnaVIFgw4oCGHV0Ax
ZMEPrvDu1qduhw7Oe7ddJ HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer:
http://dp.g.doubleclick.net/apps/domainpark/
domainpark.cgi?max_radlink_len=40&
r=m&fexp=21404&domain_name
=cainsmedbilling.com&client=dp-rook
media31_3ph_js&channel=030033&a
mp;hl=no&adtest=off&type=0&a
mp;kw=cains%2Bmed%2Bbilling&drid
=as-drid-2119573669289142&oe=UT
F-8&ie=UTF-8&format=p5%7Cs
%7Cr8%7Cr3&ad=a5&adrep=2&
amp;num=0&output=caf&v=3&a
mp;allwcallad=1&adext=as1%2Csr1%
2Cctc1&u_his=1&u_tz=60&
dt=1415334805231&u_w=1176&
u_h=885&biw=1176&bih=775&a

173.194.112.210
HTTP/1.0 200 OK
Content-Type: image/png
Last-Modified: Sat, 25 Oct 2014 21:48:58
GMT
Date: Wed, 29 Oct 2014 07:51:27 GMT
Expires: Thu, 29 Oct 2015 07:51:27 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 237
X-XSS-Protection: 1; mode=block
Cache-Control: public,
max-age=31536000
Age: 765718
Alternate-Protocol: 80:quic,p=0.01
Connection: keep-alive

mp;psw=1176&psh=282&frm=0&
amp;uio=uv3cs1ff1sa13fa2sl1sr1cc1-af3ff
2st22sd16sv16lt30ld28lv28--ff2st14lt26-fa
2st14lt20&rurl=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fww4
1.cainsmedbilling.com%2F

GET /dp-rookmedia/blublack-arrow-v1.gif
HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer:
http://dp.g.doubleclick.net/apps/domainpark/
domainpark.cgi?max_radlink_len=40&
r=m&fexp=21404&domain_name
=cainsmedbilling.com&client=dp-rook
media31_3ph_js&channel=030033&a
mp;hl=no&adtest=off&type=0&a
mp;kw=cains%2Bmed%2Bbilling&drid
=as-drid-2119573669289142&oe=UT
F-8&ie=UTF-8&format=p5%7Cs
%7Cr8%7Cr3&ad=a5&adrep=2&
amp;num=0&output=caf&v=3&a
mp;allwcallad=1&adext=as1%2Csr1%
2Cctc1&u_his=1&u_tz=60&
dt=1415334805231&u_w=1176&
u_h=885&biw=1176&bih=775&a
mp;psw=1176&psh=282&frm=0&
amp;uio=uv3cs1ff1sa13fa2sl1sr1cc1-af3ff
2st22sd16sv16lt30ld28lv28--ff2st14lt26-fa
2st14lt20&rurl=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fww4
1.cainsmedbilling.com%2F
GET
/favicon?q=tbn:ANd9GcRPEwQ4V2BH_R

173.194.112.203
HTTP/1.0 200 OK
Content-Type: image/gif
Last-Modified: Tue, 06 Aug 2013 20:41:18
GMT
Date: Fri, 07 Nov 2014 00:39:45 GMT
Expires: Fri, 07 Nov 2014 23:39:45 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 1391
X-XSS-Protection: 1; mode=block
Age: 14020
Cache-Control: public, max-age=82800
Alternate-Protocol: 80:quic,p=0.01
Connection: keep-alive

173.194.112.210
HTTP/1.0 200 OK

GUiC7QCTHgBCZL4lv92X_tBpZpP-IMmu
UUGFpdyUluDbp6yuJylrqY HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer:
http://dp.g.doubleclick.net/apps/domainpark/
domainpark.cgi?max_radlink_len=40&
r=m&fexp=21404&domain_name
=cainsmedbilling.com&client=dp-rook
media31_3ph_js&channel=030033&a
mp;hl=no&adtest=off&type=0&a
mp;kw=cains%2Bmed%2Bbilling&drid
=as-drid-2119573669289142&oe=UT
F-8&ie=UTF-8&format=p5%7Cs
%7Cr8%7Cr3&ad=a5&adrep=2&
amp;num=0&output=caf&v=3&a
mp;allwcallad=1&adext=as1%2Csr1%
2Cctc1&u_his=1&u_tz=60&
dt=1415334805231&u_w=1176&
u_h=885&biw=1176&bih=775&a
mp;psw=1176&psh=282&frm=0&
amp;uio=uv3cs1ff1sa13fa2sl1sr1cc1-af3ff
2st22sd16sv16lt30ld28lv28--ff2st14lt26-fa
2st14lt20&rurl=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fww4
1.cainsmedbilling.com%2F
GET
/favicon?q=tbn:ANd9GcQoitaZkKKlBTl9XF
pijdwl0mCt4fqcJ2JOsdmhEZifDyvKLUI0xe
Rb2ecpFvmPITlw5knj-lyH HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;

Content-Type: image/png
Last-Modified: Tue, 14 Oct 2014 21:12:13
GMT
Date: Wed, 29 Oct 2014 08:18:00 GMT
Expires: Thu, 29 Oct 2015 08:18:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 328
X-XSS-Protection: 1; mode=block
Cache-Control: public,
max-age=31536000
Age: 764125
Alternate-Protocol: 80:quic,p=0.01
Connection: keep-alive

173.194.112.212
HTTP/1.0 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 22 Oct 2014 13:02:12
GMT
Date: Wed, 29 Oct 2014 09:11:44 GMT
Expires: Thu, 29 Oct 2015 09:11:44 GMT
X-Content-Type-Options: nosniff
Server: sffe

InfoPath.2; SV1; .NET CLR 2.0.50727;

WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer:
http://dp.g.doubleclick.net/apps/domainpark/
domainpark.cgi?max_radlink_len=40&
r=m&fexp=21404&domain_name
=cainsmedbilling.com&client=dp-rook
media31_3ph_js&channel=030033&a
mp;hl=no&adtest=off&type=0&a
mp;kw=cains%2Bmed%2Bbilling&drid
=as-drid-2119573669289142&oe=UT
F-8&ie=UTF-8&format=p5%7Cs
%7Cr8%7Cr3&ad=a5&adrep=2&
amp;num=0&output=caf&v=3&a
mp;allwcallad=1&adext=as1%2Csr1%
2Cctc1&u_his=1&u_tz=60&
dt=1415334805231&u_w=1176&
u_h=885&biw=1176&bih=775&a
mp;psw=1176&psh=282&frm=0&
amp;uio=uv3cs1ff1sa13fa2sl1sr1cc1-af3ff
2st22sd16sv16lt30ld28lv28--ff2st14lt26-fa
2st14lt20&rurl=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fww4
1.cainsmedbilling.com%2F
GET
/favicon?q=tbn:ANd9GcQzhthBZqzoLstNL
JNsJ5MDFJasmuDb2tDHdmdpLIEg97KLt
PA-281umzg8wlUe4-TsYuzBYCM
HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate

Content-Length: 512
X-XSS-Protection: 1; mode=block
Cache-Control: public,
max-age=31536000
Age: 760901
Alternate-Protocol: 80:quic,p=0.01
Connection: keep-alive

173.194.112.208
HTTP/1.0 404 Not Found
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 07 Nov 2014 04:33:25 GMT
Server: sffe
Content-Length: 726
X-XSS-Protection: 1; mode=block
Alternate-Protocol: 80:quic,p=0.01
Connection: close

Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer:
http://dp.g.doubleclick.net/apps/domainpark/
domainpark.cgi?max_radlink_len=40&
r=m&fexp=21404&domain_name
=cainsmedbilling.com&client=dp-rook
media31_3ph_js&channel=030033&a
mp;hl=no&adtest=off&type=0&a
mp;kw=cains%2Bmed%2Bbilling&drid
=as-drid-2119573669289142&oe=UT
F-8&ie=UTF-8&format=p5%7Cs
%7Cr8%7Cr3&ad=a5&adrep=2&
amp;num=0&output=caf&v=3&a
mp;allwcallad=1&adext=as1%2Csr1%
2Cctc1&u_his=1&u_tz=60&
dt=1415334805231&u_w=1176&
u_h=885&biw=1176&bih=775&a
mp;psw=1176&psh=282&frm=0&
amp;uio=uv3cs1ff1sa13fa2sl1sr1cc1-af3ff
2st22sd16sv16lt30ld28lv28--ff2st14lt26-fa
2st14lt20&rurl=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fww4
1.cainsmedbilling.com%2F
GET
/favicon?q=tbn:ANd9GcTSGPllkUTRF4AA
H7LQsaC9AOT9Ndu_fVGmfmmfiwSBHnf
sGHkj2L_IwDmmSKixag HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer:
http://dp.g.doubleclick.net/apps/domainpark/
domainpark.cgi?max_radlink_len=40&

173.194.112.212
HTTP/1.0 404 Not Found
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 07 Nov 2014 04:33:25 GMT
Server: sffe
Content-Length: 726
X-XSS-Protection: 1; mode=block
Alternate-Protocol: 80:quic,p=0.01
Connection: close

r=m&fexp=21404&domain_name
=cainsmedbilling.com&client=dp-rook
media31_3ph_js&channel=030033&a
mp;hl=no&adtest=off&type=0&a
mp;kw=cains%2Bmed%2Bbilling&drid
=as-drid-2119573669289142&oe=UT
F-8&ie=UTF-8&format=p5%7Cs
%7Cr8%7Cr3&ad=a5&adrep=2&
amp;num=0&output=caf&v=3&a
mp;allwcallad=1&adext=as1%2Csr1%
2Cctc1&u_his=1&u_tz=60&
dt=1415334805231&u_w=1176&
u_h=885&biw=1176&bih=775&a
mp;psw=1176&psh=282&frm=0&
amp;uio=uv3cs1ff1sa13fa2sl1sr1cc1-af3ff
2st22sd16sv16lt30ld28lv28--ff2st14lt26-fa
2st14lt20&rurl=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttp%2Fww4
1.cainsmedbilling.com%2F
GET /favicon.ico HTTP/1.1
Host: ww41.cainsmedbilling.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: gvc=917vr1628804048404183
GET
/rg-logcafrep.php?lgky=Qlg3RmZHaWg3R
0oxRXFNSEplT0I3QjQzM252MkkyejBUcU
dkbjdKMVVlWllYN24vMFNETDc2b3RWa0
VYSFJvN3RnbnhRZ2duUEd1ZTE3WkNL
SXdoVTRRMW85QWJadkwvbERrQ3JoU
0xlMFNkSXJYMTRZNENUb05NVGpxSUx
WN2tPc2ZZSEo3Q3dobVFLMmtVbTRUZ
HRRPT0%3D&client=ca-dp-rookmedia31_
3ph_js&feed=afc&adult=false HTTP/1.1
Host: ww41.cainsmedbilling.com

141.8.224.79
HTTP/1.0 404 Not Found
Content-Type: text/html;
charset=iso-8859-1
Date: Fri, 07 Nov 2014 04:33:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30
Connection: close

141.8.224.79
HTTP/1.0 200 OK
Content-Type: text/javascript
Date: Fri, 07 Nov 2014 04:33:26 GMT
Server: Apache
Cache-Control: no-store, no-cache,
must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent

GET
/rg-logcafrep.php?lgky=Qlg3RmZHaWg3R
0oxRXFNSEplT0I3QjQzM252MkkyejBUcU
dkbjdKMVVlWllYN24vMFNETDc2b3RWa0
VYSFJvN3RnbnhRZ2duUEd1ZTE3WkNL
SXdoVTRRMW85QWJadkwvbERrQ3JoU
0xlMFNkSXJYMTRZNENUb05NVGpxSUx
WN2tPc2ZZSEo3Q3dobVFLMmtVbTRUZ
HRRPT0%3D&client=ca-dp-rookmedi
a31_3ph_js&feed=afc&adult=fals
e HTTP/1.1

Content-Encoding: gzip
Content-Length: 20
Connection: keep-alive

User-Agent: Mozilla/5.0 (compatible; MSIE

10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww41.cainsmedbilling.com/
Cookie: gvc=917vr1628804048404183
GET /favicon.ico HTTP/1.1
Host: ww41.cainsmedbilling.com
User-Agent: Mozilla/5.0 (compatible; MSIE
10.0; Windows NT 6.1; Trident/4.0;
InfoPath.2; SV1; .NET CLR 2.0.50727;
WOW64)
Accept:
text/html,application/xhtml+xml,application/x
ml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: gvc=917vr1628804048404183

Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming
From Everand
Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming
Matthew Hickey
3/5 (3)
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
From Everand
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
Redouane MEDDANE
No ratings yet
Hacking Connected Cars: Tactics, Techniques, and Procedures
From Everand
Hacking Connected Cars: Tactics, Techniques, and Procedures
Alissa Knight
No ratings yet
Coding Notes - Billing & Coding Pocket Guide
88% (8)
Coding Notes - Billing & Coding Pocket Guide
238 pages
Phpmyadmin Curs F Imp
No ratings yet
Phpmyadmin Curs F Imp
48 pages
Fundamentos de Seguridad de la Red
From Everand
Fundamentos de Seguridad de la Red
NUMA EDITORIAL
No ratings yet
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
From Everand
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
Tim Speed
No ratings yet
WordPress 3 Ultimate Security
From Everand
WordPress 3 Ultimate Security
Olly Connelly
4.5/5 (1)
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
From Everand
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
Allen Lee
4.5/5 (6)
The Complete Guide to Parrot OS: Ethical Hacking and Cybersecurity
From Everand
The Complete Guide to Parrot OS: Ethical Hacking and Cybersecurity
Robert Johnson
No ratings yet
Practical Guide to Penetration Testing: Breaking and Securing Systems
From Everand
Practical Guide to Penetration Testing: Breaking and Securing Systems
Peter Johnson
No ratings yet
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassouli
No ratings yet
Mastering Kali Linux for Advanced Penetration Testing
From Everand
Mastering Kali Linux for Advanced Penetration Testing
Robert W. Beggs
4/5 (1)
Tails Operating System Essentials: Definitive Reference for Developers and Engineers
From Everand
Tails Operating System Essentials: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
Eforensics and Signal Intelligence for Everyone
From Everand
Eforensics and Signal Intelligence for Everyone
Eamon P. Doherty
4/5 (1)
OPNsense Configuration and Deployment Guide: Definitive Reference for Developers and Engineers
From Everand
OPNsense Configuration and Deployment Guide: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
OpenStack Cloud Security
From Everand
OpenStack Cloud Security
Fabio Alessandro Locati
No ratings yet
Zorin OS Administration and User Guide: Definitive Reference for Developers and Engineers
From Everand
Zorin OS Administration and User Guide: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
JUNOS OS For Dummies
From Everand
JUNOS OS For Dummies
Walter J. Goralski
No ratings yet
Understanding TCP/IP
From Everand
Understanding TCP/IP
Alena KabelovÃ¡
4/5 (2)
Mastering Metasploit
From Everand
Mastering Metasploit
Nipun Jaswal
No ratings yet
IDS and IPS with Snort 3: Get up and running with Snort 3 and discover effective solutions to your security issues
From Everand
IDS and IPS with Snort 3: Get up and running with Snort 3 and discover effective solutions to your security issues
Ashley Thomas
No ratings yet
Microsoft Windows Security Essentials
From Everand
Microsoft Windows Security Essentials
Darril Gibson
5/5 (1)
FreeBSD Mastery: Jails: IT Mastery, #15
From Everand
FreeBSD Mastery: Jails: IT Mastery, #15
Michael W. Lucas
5/5 (2)
Kali Linux 2 – Assuring Security by Penetration Testing - Third Edition
From Everand
Kali Linux 2 – Assuring Security by Penetration Testing - Third Edition
Shakeel Ali
No ratings yet
Building Telephony Systems with OpenSIPS - Second Edition
From Everand
Building Telephony Systems with OpenSIPS - Second Edition
Goncalves Flavio E.
No ratings yet
Defense in Depth
From Everand
Defense in Depth
Qasim
No ratings yet
Python-Powered Ethical Hacking: Building Advanced Cybersecurity Tools
From Everand
Python-Powered Ethical Hacking: Building Advanced Cybersecurity Tools
Peter Johnson
No ratings yet
Network Security Guidebook: Protocols and Techniques
From Everand
Network Security Guidebook: Protocols and Techniques
Peter Johnson
No ratings yet
Advanced Python for Cybersecurity: Techniques in Malware Analysis, Exploit Development, and Custom Tool Creation
From Everand
Advanced Python for Cybersecurity: Techniques in Malware Analysis, Exploit Development, and Custom Tool Creation
Adam Jones
No ratings yet
List Anti Rootkit & AntiVirus For Ubuntu, Linux & BSD: Edition 2018
From Everand
List Anti Rootkit & AntiVirus For Ubuntu, Linux & BSD: Edition 2018
Dragon Promedia Studio
No ratings yet
TCP / IP For Dummies
From Everand
TCP / IP For Dummies
Candace Leiden
5/5 (1)
FreeSWITCH 1.2
From Everand
FreeSWITCH 1.2
Anthony Minessale
No ratings yet
The OpenVPN Handbook: Secure Your Networks with Virtual Private Networking
From Everand
The OpenVPN Handbook: Secure Your Networks with Virtual Private Networking
Robert Johnson
No ratings yet
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassoulii
No ratings yet
Security+ Boot Camp Study Guide
From Everand
Security+ Boot Camp Study Guide
Chad Russell
5/5 (1)
SteamOS Deployment and Configuration: Definitive Reference for Developers and Engineers
From Everand
SteamOS Deployment and Configuration: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
CompTIA CySA+ Study Guide: Exam CS0-002
From Everand
CompTIA CySA+ Study Guide: Exam CS0-002
Mike Chapple
No ratings yet
Expert Linux Development: Mastering System Calls, Filesystems, and Inter-Process Communication
From Everand
Expert Linux Development: Mastering System Calls, Filesystems, and Inter-Process Communication
Adam Jones
No ratings yet
Cyber Sleuthing with Python: Crafting Advanced Security Tools
From Everand
Cyber Sleuthing with Python: Crafting Advanced Security Tools
Peter Jones
No ratings yet
Kali Linux – Assuring Security by Penetration Testing
From Everand
Kali Linux – Assuring Security by Penetration Testing
Shakeel Ali
3.5/5 (2)
Mobile Forensics – Advanced Investigative Strategies
From Everand
Mobile Forensics – Advanced Investigative Strategies
Oleg Afonin
No ratings yet
Mastering Nikto: A Comprehensive Guide to Web Vulnerability Scanning: Security Books
From Everand
Mastering Nikto: A Comprehensive Guide to Web Vulnerability Scanning: Security Books
Erwin Dirks
No ratings yet
Hack into your Friends Computer
From Everand
Hack into your Friends Computer
Magelan Cyber Security
No ratings yet
All My IT Tech Posts
From Everand
All My IT Tech Posts
Stephen Edwards
No ratings yet
Free Antivirus And Antimalware Software For Ubuntu & Linux Mint
From Everand
Free Antivirus And Antimalware Software For Ubuntu & Linux Mint
Cyber Jannah Studio
No ratings yet
Kali Linux 2: Windows Penetration Testing
From Everand
Kali Linux 2: Windows Penetration Testing
Wolf Halton
5/5 (1)
Mastering System Center Configuration Manager
From Everand
Mastering System Center Configuration Manager
Vangel Krstevski
No ratings yet
Untangle Network Security
From Everand
Untangle Network Security
Abd El-Monem A. El-Bawab
No ratings yet
CompTIA CySA+ Study Guide: Exam CS0-003
From Everand
CompTIA CySA+ Study Guide: Exam CS0-003
Mike Chapple
2/5 (1)
Computer Forensics JumpStart
From Everand
Computer Forensics JumpStart
Michael G. Solomon
3.5/5 (2)
Mastering Windows Network Forensics and Investigation
From Everand
Mastering Windows Network Forensics and Investigation
Steve Anson
3.5/5 (3)
Tasmota Integration and Configuration Guide: Definitive Reference for Developers and Engineers
From Everand
Tasmota Integration and Configuration Guide: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
13 Surgery (Perioperative Client) Nursing Care Plans - Nurseslabs
No ratings yet
13 Surgery (Perioperative Client) Nursing Care Plans - Nurseslabs
31 pages
Tarsal Tunnel Syndrome
No ratings yet
Tarsal Tunnel Syndrome
33 pages
billing-quick-reference-sheet
No ratings yet
billing-quick-reference-sheet
5 pages
Dyspnea and Bronchospasm From Inappropriate Postexercise Hyperventilation - Annals of Internal Medicine
No ratings yet
Dyspnea and Bronchospasm From Inappropriate Postexercise Hyperventilation - Annals of Internal Medicine
3 pages
Summary: CPT Coding For Pain Management Is Really A Hectic Task and Outsourcing
No ratings yet
Summary: CPT Coding For Pain Management Is Really A Hectic Task and Outsourcing
4 pages
Who’s the Boss_ The Organizational Impact of Bypassing the Chain of Command - Journal of Urgent Care Medicine
No ratings yet
Who’s the Boss_ The Organizational Impact of Bypassing the Chain of Command - Journal of Urgent Care Medicine
4 pages
Print Coupon
No ratings yet
Print Coupon
1 page
Cms 700
No ratings yet
Cms 700
2 pages
WP Experiment 7 and 8: EXP 7: Read An XML File Using DOM Parser API - Java Program
No ratings yet
WP Experiment 7 and 8: EXP 7: Read An XML File Using DOM Parser API - Java Program
4 pages
University of Pune Te (Computer Engineering) Semester I
No ratings yet
University of Pune Te (Computer Engineering) Semester I
38 pages
Mongo DB Final Lab Manual
No ratings yet
Mongo DB Final Lab Manual
25 pages
What Kind of Data Can Be Mined
No ratings yet
What Kind of Data Can Be Mined
6 pages
20f208-Java Mini Project - Merged
No ratings yet
20f208-Java Mini Project - Merged
18 pages
Informatica Interview Questions and Answers
No ratings yet
Informatica Interview Questions and Answers
5 pages
Django Aggregation Tutorial
No ratings yet
Django Aggregation Tutorial
4 pages
Computer Networks-Lab: Hareem Aslam Hareem - Aslam@pucit - Edu.pk
No ratings yet
Computer Networks-Lab: Hareem Aslam Hareem - Aslam@pucit - Edu.pk
24 pages
Yysdk Yym180and
No ratings yet
Yysdk Yym180and
126 pages
Linux For Devops
No ratings yet
Linux For Devops
6 pages
Hamming Code Explanation 1
No ratings yet
Hamming Code Explanation 1
4 pages
MPMC Digtal Notes
No ratings yet
MPMC Digtal Notes
129 pages
Network Protocols Explained
No ratings yet
Network Protocols Explained
3 pages
MCS 051
No ratings yet
MCS 051
23 pages
The Union, Intersect, Minus Operators
No ratings yet
The Union, Intersect, Minus Operators
4 pages
The Ldap Protocol
No ratings yet
The Ldap Protocol
24 pages
2024 06 23 - Log
No ratings yet
2024 06 23 - Log
11 pages
Standards Institute, Standards Planning and Requirements Committee, Is An Abstract Design
No ratings yet
Standards Institute, Standards Planning and Requirements Committee, Is An Abstract Design
4 pages
An Introduction To Relational Database Management System
No ratings yet
An Introduction To Relational Database Management System
8 pages
MIRO User Exit During SAVE Read Items
No ratings yet
MIRO User Exit During SAVE Read Items
3 pages
A225521651 - 28838 - 11 - 2023 - Simulation Questions
No ratings yet
A225521651 - 28838 - 11 - 2023 - Simulation Questions
4 pages
High Performance PostgreSQL For Rails Beta Reliable Scalable Maintainable Database Applications Andrew Atkinson All Chapter Instant Download
100% (13)
High Performance PostgreSQL For Rails Beta Reliable Scalable Maintainable Database Applications Andrew Atkinson All Chapter Instant Download
70 pages
Atlanta New
No ratings yet
Atlanta New
8 pages
Machine - Learning - Using - Python - Ipynb - Colaboratory
No ratings yet
Machine - Learning - Using - Python - Ipynb - Colaboratory
11 pages
Summary Functional Dependency
No ratings yet
Summary Functional Dependency
16 pages
Using Conquest On LINUX - Version 1.5.0 Mar 14, 2020: Installation
No ratings yet
Using Conquest On LINUX - Version 1.5.0 Mar 14, 2020: Installation
11 pages
Siebel Join Application
No ratings yet
Siebel Join Application
4 pages
Web Cast of Powershell
No ratings yet
Web Cast of Powershell
37 pages
NT - Nettap: The Universal Gateway
No ratings yet
NT - Nettap: The Universal Gateway
2 pages

Untitled

Uploaded by

Untitled

Uploaded by

Overview

AS22489 Castle Access Inc

2014-11-07 05:33:55 CET

Intrusion Detection Systems

Spamhaus DBL No alerts detected

Recent reports on same IP/ASN/Domain

Last 6 reports on ASN: AS22489 Castle Access Inc

Executed Writes (1)

HTTP Transactions (21)

GET /adsense/domains/caf.js HTTP/1.1

Date: Fri, 07 Nov 2014 01:36:03 GMT

GET /rmgdsc/newcaf.js?5.1 HTTP/1.1

GET /static/caf/slave.html HTTP/1.1

User-Agent: Mozilla/5.0 (compatible; MSIE

InfoPath.2; SV1; .NET CLR 2.0.50727;

InfoPath.2; SV1; .NET CLR 2.0.50727;

User-Agent: Mozilla/5.0 (compatible; MSIE

You might also like