Overview

URL askdots.com/
IP34.254.128.141
ASNAS22717 Halliburton Company
Location United States
Report completed2019-03-21 12:40:31 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-03-21 2 win.stack-prizes01.com/proc.php?5d6a2d4b74a42b0999f0f1b5a8a5e738bef04e82 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 34.254.128.141

Date UQ / IDS / BL URL IP
2019-02-28 19:23:52 +0100
0 - 0 - 0 cooffr.com/?a=3421&c=19366&s1=&s2=5e414004-c7 (...) 34.254.128.141
2019-02-24 01:12:37 +0100
0 - 0 - 1 https://afff.site/?a=3658 34.254.128.141

Last 10 reports on ASN: AS22717 Halliburton Company

Date UQ / IDS / BL URL IP
2019-04-17 00:28:18 +0200
0 - 0 - 1 iphoneoppgoa.jp/vpp 34.254.1.203
2019-04-07 23:02:18 +0200
0 - 0 - 1 paklina.org/index.php/profil/pengurus/dpp/dpd (...) 34.254.1.203
2019-04-04 07:07:28 +0200
0 - 0 - 1 apple.com.icloud.jp-server.jp/dxx 34.254.1.203
2019-04-02 14:39:34 +0200
0 - 0 - 0 www.seikotsu110.com/wp-content/themes/yoshika (...) 34.254.1.203
2019-04-01 17:02:26 +0200
0 - 0 - 1 icloud.jp-server.jp/jdr 34.254.1.203
2019-03-31 00:47:15 +0100
0 - 0 - 1 amazonidh.jp/49jhq 34.254.1.203
2019-03-30 03:14:30 +0100
0 - 0 - 2 box-jpn.com/IlOysTgNjFrGtHtEAwVo/index.php 34.254.1.203
2019-03-30 02:17:02 +0100
0 - 0 - 2 box-jpn.com/pjj 34.254.1.203
2019-03-30 01:49:48 +0100
0 - 0 - 2 box-jpn.com/bvv 34.254.1.203
2019-03-30 01:49:46 +0100
0 - 0 - 1 box-jpn.com/xrr 34.254.1.203

Last 1 reports on domain: askdots.com

Date UQ / IDS / BL URL IP
2019-04-08 05:06:14 +0200
0 - 0 - 1 askdots.com/ 52.214.2.140


JavaScript

Executed Scripts (18)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (37)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: askdots.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.214.2.140
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Date: Thu, 21 Mar 2019 11:39:58 GMT
Location: http://win.stack-prizes01.com/?utm_medium=0f9976f518c19bbfd969893fd3105db2fa2af9bb&utm_campaign=FB-G-NORS&1=-1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=LGTeau4zIPLVk4yvJ5mm4CkLT2OaYbWmhGpi6rKakLqvZAVVRDLHkw==; domain=.askdots.com; path=/; HttpOnly trk=kjNSOVDBB48dw+Y/P7aGBCkLT2OaYbWmhGpi6rKakLqvZAVVRDLHkw==; domain=.askdots.com; expires=Thu, 21-Mar-2024 18:39:58 GMT; path=/; HttpOnly
Content-Length: 235


--- Additional Info ---
Magic:  HTML document text
Size:   235
Md5:    21275da0af07aba40c2f503cb20f6a60
Sha1:   eca43c0ca22a8ea92136c6ec376243edfe7ebbc1
Sha256: 32deccc42bd0bfb5b5836d72c04b01963fe93c2066649df6f1e06d6e8dd32021
                                        
                                            GET /?utm_medium=0f9976f518c19bbfd969893fd3105db2fa2af9bb&utm_campaign=FB-G-NORS&1=-1 HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         198.143.165.219
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 21 Mar 2019 11:39:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=e4950a7c4df7b1eebdb2fb25b4e0bc3d; expires=Fri, 20-Mar-2020 11:39:58 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3698
Md5:    bf5f7b149fb361057996daa8210a76fb
Sha1:   f2a72557d5708ccdad85e0bbb5d12ac147ecc1d9
Sha256: 93d9442ccc34547f0d093b339ed5a68bfde7e428edf5d450842a4f9aa6151729
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u=e4950a7c4df7b1eebdb2fb25b4e0bc3d

                                         
                                         198.143.165.219
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 21 Mar 2019 11:39:59 GMT
Content-Length: 1150
Last-Modified: Wed, 04 Oct 2017 19:16:17 GMT
Connection: keep-alive
Etag: "59d53381-47e"
Expires: Fri, 22 Mar 2019 11:39:59 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    91abe01116ab422c598e9c8af72cf4da
Sha1:   0f2815fe8e067d48537ad168225ab4674271fa27
Sha256: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
                                        
                                            GET /?utm_term=6670807474624266551&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab5b882b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafcfdf255 HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_medium=0f9976f518c19bbfd969893fd3105db2fa2af9bb&utm_campaign=FB-G-NORS&1=-1
Cookie: u=e4950a7c4df7b1eebdb2fb25b4e0bc3d

                                         
                                         198.143.165.219
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 21 Mar 2019 11:39:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1728
Md5:    f7aa8c5cc61e1f75cb394366e90810ca
Sha1:   ea8010084abd269debf0029459d4e9671fb3da93
Sha256: 378027da162337c16ff6152495e6397ec3c676150c2234526f436dbf09cf3359
                                        
                                            GET /proc.php?5d6a2d4b74a42b0999f0f1b5a8a5e738bef04e82 HTTP/1.1 
Host: win.stack-prizes01.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6670807474624266551&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab5b882b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafcfdf255
Cookie: u=e4950a7c4df7b1eebdb2fb25b4e0bc3d

                                         
                                         198.143.165.219
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 21 Mar 2019 11:39:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tracking.marketing/e7acd77b-6484-4010-bef0-64552b7907f1?partner_id=672&pid=672-de47b151&payout=[[amount]]&clickid=6670807474624266551


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.217.43
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Mar 2019 21:07:48 GMT
Etag: 9C459F9D5D124380E70EE1C00BB069ACAA421F31
X-OCSP-Responder-ID: mcdpcaocsp12
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=292611
Expires: Sun, 24 Mar 2019 20:56:51 GMT
Date: Thu, 21 Mar 2019 11:40:00 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    eb5e48e557d61788fc48ba15c8542f60
Sha1:   9c459f9d5d124380e70ee1c00bb069acaa421f31
Sha256: ca5e61687903ff7a6755887298babd3796fc8c8fb82244198a86b1f42d1ff24d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.217.43
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Mar 2019 23:19:13 GMT
Etag: 0861053B8CDE8B73281393714A17EE670AD5353C
X-OCSP-Responder-ID: mcdpcaocsp5
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=300541
Expires: Sun, 24 Mar 2019 23:09:01 GMT
Date: Thu, 21 Mar 2019 11:40:00 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    e8b7143ae3df54f76d9478727827a4e7
Sha1:   0861053b8cde8b73281393714a17ee670ad5353c
Sha256: d89511de185cf1d5fbd6a146580a887b65c2e98f33b7ddd988f3910d407a3f6d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.217.81
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Mar 2019 23:19:13 GMT
Etag: 96669D3885A81C7CA4E86F0AA5BBC80F76195C71
X-OCSP-Responder-ID: mcdpcaocsp11
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=300493
Expires: Sun, 24 Mar 2019 23:08:13 GMT
Date: Thu, 21 Mar 2019 11:40:00 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e6107de1283b3f7949fd6524e0ccf6eb
Sha1:   96669d3885a81c7ca4e86f0aa5bbc80f76195c71
Sha256: 01a2ad4a38a4209bb14cba646a276935a9768b4dcbdb7fcf751721668aa82c3a
                                        
                                            GET /e7acd77b-6484-4010-bef0-64552b7907f1?partner_id=672&pid=672-de47b151&payout=[[amount]]&clickid=6670807474624266551 HTTP/1.1 
Host: tracking.marketing
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6670807474624266551&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab5b882b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafcfdf255

                                         
                                         18.184.38.55
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Thu, 21 Mar 2019 11:40:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://www.microsoft.com-windows-fast-pc.live/tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=Dsm4xB2ZAallnzTWyJov66ks78poY4iql2JeBOqDzjAHTKGNglMRBUxfLOrD9H3KJpxQ-e7HB4fNqPsjdS77azDV0dTzKZuzmWy_j_n5tTkOAE_DNp3zsBzYJwi6rA6TAtwsYbytauTViMVnalYP1CbsQ_4YrInJq-wyfxDSOPQ1g9SqLDcxz3qXlPk6_0buLfXGpj3Pu5_FC6aCTB4DsFb_xBaQsLXbUI_5W14J5ar_4xplZLwhDpo9BecD5NU1&partner_id=672&pid=672-de47b151&payout=%5B%5Bamount%5D%5D&clickid=6670807474624266551
Pragma: no-cache
Set-Cookie: e7acd77b-6484-4010-bef0-64552b7907f1-v4=e7acd77b-6484-4010-bef0-64552b7907f1;domain=tracking.marketing;path=/;HttpOnly cep-v4=i_8Kli082mX_QDe5QhjpQkdKuRCea5_XAUyCWdd4v6bXApknbd7j-vJ6yppJbhC-1VkeRL-dJIf-9elF4D8H6OaGaRFSsRyadq9mbFm2a5HbkXm007pULAAGqOnxEsFm5ndbEsWgvh4c2t-393Wu7y9pSMLTmMMGckTAuJNd4hKaAMVfehiN1YF_LTxo8iiaux5bnlKKgN8X0BCTdKgwxjYt7l8G8_dicf6_2jxRV8rEJZmXYtFy6wmjnXZilRjl;Max-Age=86400;Expires=Fri, 22-Mar-2019 11:40:00 GMT;domain=tracking.marketing;path=/;HttpOnly


--- Additional Info ---
                                        
                                            GET /tonic2/?campid=e7acd77b-6484-4010-bef0-64552b7907f1&model=Desktop&os=Windows%207&city=Oslo&zn=672&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ip=77.40.129.123&ua=Mozilla%2F5.0%20%28Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13%29%20Gecko%2F20101203%20Firefox%2F3.6.13&browser=Firefox&browserversion=Firefox%203&lang=en&connection=XDSL&isp=Broadnet%20AS&carrier=&cep=Dsm4xB2ZAallnzTWyJov66ks78poY4iql2JeBOqDzjAHTKGNglMRBUxfLOrD9H3KJpxQ-e7HB4fNqPsjdS77azDV0dTzKZuzmWy_j_n5tTkOAE_DNp3zsBzYJwi6rA6TAtwsYbytauTViMVnalYP1CbsQ_4YrInJq-wyfxDSOPQ1g9SqLDcxz3qXlPk6_0buLfXGpj3Pu5_FC6aCTB4DsFb_xBaQsLXbUI_5W14J5ar_4xplZLwhDpo9BecD5NU1&partner_id=672&pid=672-de47b151&payout=%5B%5Bamount%5D%5D&clickid=6670807474624266551 HTTP/1.1 
Host: www.microsoft.com-windows-fast-pc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6670807474624266551&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab5b882b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafcfdf255

                                         
                                         94.237.87.169
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 0
Location: http://tracking.marketing/bfa3dd87-cad5-454b-abdf-56fda85b6d57?zoneid=&campaignid=&visitor_id=&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&zn=672
Content-Length: 0
Date: Thu, 21 Mar 2019 13:34:51 GMT
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
                                        
                                            GET /bfa3dd87-cad5-454b-abdf-56fda85b6d57?zoneid=&campaignid=&visitor_id=&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&zn=672 HTTP/1.1 
Host: tracking.marketing
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6670807474624266551&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab5b882b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafcfdf255
Cookie: e7acd77b-6484-4010-bef0-64552b7907f1-v4=e7acd77b-6484-4010-bef0-64552b7907f1; cep-v4=i_8Kli082mX_QDe5QhjpQkdKuRCea5_XAUyCWdd4v6bXApknbd7j-vJ6yppJbhC-1VkeRL-dJIf-9elF4D8H6OaGaRFSsRyadq9mbFm2a5HbkXm007pULAAGqOnxEsFm5ndbEsWgvh4c2t-393Wu7y9pSMLTmMMGckTAuJNd4hKaAMVfehiN1YF_LTxo8iiaux5bnlKKgN8X0BCTdKgwxjYt7l8G8_dicf6_2jxRV8rEJZmXYtFy6wmjnXZilRjl

                                         
                                         18.184.38.55
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Thu, 21 Mar 2019 11:40:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Pragma: no-cache
Set-Cookie: bfa3dd87-cad5-454b-abdf-56fda85b6d57-v4=bfa3dd87-cad5-454b-abdf-56fda85b6d57;domain=tracking.marketing;path=/;HttpOnly cc-v4=oD%2BvHesVNRJ3Xtp9lgGqoDoXiaJ9BV45DRDDeTyZm5gGdL%2Bh84gR2eV3uK3F6I%2BaAgS3TYqqKsUo1ouLdyt2qNe8PopPH%2BzGjd%2BE3s0dixeVbzpaup6twMuaO3XN4k3wGgP%2FPwTbV9JEu%2BlHAWIzNA%3D%3D;Max-Age=31536000;Expires=Fri, 20-Mar-2020 11:40:00 GMT;domain=tracking.marketing;path=/;HttpOnly


--- Additional Info ---
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 21 Mar 2019 11:22:27 GMT
Expires: Thu, 21 Mar 2019 13:22:27 GMT
Last-Modified: Wed, 16 Jan 2019 20:01:45 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17168
Cache-Control: public, max-age=7200
Age: 1054


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=515711425&utmhn=www.tunetoppc.live&utmcs=UTF-8&utmsr=1176x885&utmvp=1176x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmhid=41736491&utmr=http%3A%2F%2Fwin.stack-prizes01.com%2F%3Futm_term%3D6670807474624266551%26clickverify%3D1%26utm_content%3Dfdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab5b882b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafcfdf255&utmp=%2Flp%2Ffxmrkt%2F%3Ffd%3Dqbsc%26x-context%3Dw1GLIGH9ESMTFR6LHVN2TS9K%26utm_source%3Dwfxmrkt%26utm_campaign%3Dwfxmrkt%26pxl%3DWFX3591_WFX3519_RUNT%26utm_pubid%3D672%26x-at%3D9b83ef8a-3a8b-42d7-b17a-f753d436b450%26override%3D1&utmht=1553168401031&utmac=UA-107063444-1&utmcc=__utma%3D11459249.417237410.1553168401.1553168401.1553168401.1%3B%2B__utmz%3D11459249.1553168401.1.1.utmcsr%3Dwfxmrkt%7Cutmccn%3Dwfxmrkt%7Cutmcmd%3D(not%2520set)%3B&utmjid=1987193193&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Thu, 21 Mar 2019 11:40:01 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         172.217.20.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 21 Mar 2019 11:40:01 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    bb97e9acf739205d3bd1c763630056f2
Sha1:   f28eebd75463ee71032117b824d98c37ab1d0aa9
Sha256: 894662babb5561d1350745202c9a296123da312060b7c47b4b0172d5b919a45b
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.20.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 21 Mar 2019 11:40:01 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=163564
Date: Thu, 21 Mar 2019 11:40:01 GMT
Etag: "5c934dee-1d7"
Expires: Sat, 23 Mar 2019 09:06:05 GMT
Last-Modified: Thu, 21 Mar 2019 08:40:14 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7ceb2436488f4d1e4e8ad9125fc427a8
Sha1:   1de04a232709c91c5d9492fd1341785fecef30b7
Sha256: 62736dfec3994391e04e3af6e62069b9eeef5b03bf773bd8a591140ec58e7d37
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=141812
Date: Thu, 21 Mar 2019 11:40:01 GMT
Etag: "5c92db31-1d7"
Expires: Sat, 23 Mar 2019 03:03:33 GMT
Last-Modified: Thu, 21 Mar 2019 00:30:41 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ea7a9a1ef34ba296cdc96cdb18ac4125
Sha1:   66bfd0529799e9d3076262938c31de724f8f71ed
Sha256: e3fb8bf93318eb0c2298a32ef7d5c3c64b91b96a7037e3a6e332e93cd745bb84
                                        
                                            POST / HTTP/1.1 
Host: s.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1754
Content-Transfer-Encoding: binary
Cache-Control: max-age=579172, public, no-transform, must-revalidate
Last-Modified: Thu, 21 Mar 2019 04:28:32 GMT
Expires: Thu, 28 Mar 2019 04:28:32 GMT
Date: Thu, 21 Mar 2019 11:40:01 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1754
Md5:    8d7b8279498ae213ff4075bb1c513f63
Sha1:   371fbd14d8dcdfd630f3f0ba8f71cf8e1f97c258
Sha256: 7cadb22f65a39e08981634f5ceed96375e859c36e508ed334a7758e460ac4062
                                        
                                            GET /css?family=Open+Sans+Condensed:700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         172.217.21.170
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 21 Mar 2019 11:40:01 GMT
Date: Thu, 21 Mar 2019 11:40:01 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   232
Md5:    83d2f8950353f2087e1c15aeb283535e
Sha1:   8b5b745e29557f025f116e8a92e59f59ff96272c
Sha256: 30934aad35a68171672952345611293da764f9cbfa5ba37b22a6fedd6bb84f98
                                        
                                            GET /lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1 HTTP/1.1 
Host: www.tunetoppc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://win.stack-prizes01.com/?utm_term=6670807474624266551&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd83828787b68081818aa6beb98ebab5b882b1b0b0b2b7b7b4ababa8aaa8aba49da3939091969794a7deebdaddeeefec99909685e1e6e7d5d4cdcdf8c1c6cafcfdf255

                                         
                                         63.143.46.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=guo3un2dwrpe4wwsxj00skdp; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 11:40:05 GMT
Content-Length: 76455


--- Additional Info ---
Magic:  UTF-8 Unicode HTML document text, with very long lines, with CRLF, LF line terminators
Size:   76455
Md5:    9246b96256e77d8ee506deaa3b7048f8
Sha1:   5a2adf7366f674f02ff2f9fe383da0182fe38d40
Sha256: 26109f2ba79c6ec35ff27b9ade31b3390e62db6d711cc5f6a1b10fcb1d42cd07
                                        
                                            GET /qbsc/lp/w/26/qbsc/fav.ico HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Content-Length: 1150
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 06:46:34 GMT
x-amz-meta-s3b-last-modified: 20190221T095726Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 04:24:51 GMT
Etag: "c695357461a380484d6c1dfeb50ff031"
Age: 26111
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990971.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cbjbQGGtRw-tcCIUJ1vaImV0N5piPJea0Jh4yEa8sZKWtdGGPxHE8w==


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    c695357461a380484d6c1dfeb50ff031
Sha1:   c224c3191ab940864137d3c485b77b42888f071b
Sha256: 7db486b13219ac7ee5d541fb42e1d009e608583ebcf17dee2135c8dedaf418f0
                                        
                                            GET /lp/js/jquery.min.js HTTP/1.1 
Host: www.tunetoppc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Cookie: ASP.NET_SessionId=guo3un2dwrpe4wwsxj00skdp

                                         
                                         63.143.46.130
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 11 Jul 2018 11:05:26 GMT
Accept-Ranges: bytes
Etag: "0df1d12719d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 11:40:05 GMT
Content-Length: 33394


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   33394
Md5:    1800f174f05abfa463d7a9435c9ff605
Sha1:   9438749c041b328a6da83189827be47874994f63
Sha256: 6ce74f3560c83646a4a9f251dceaf47f80ba3eea261c26a8811c81ce6e86725f
                                        
                                            GET /qbsc/lp/w/26/qbsc/norton.jpg HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 5147
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 06:46:33 GMT
x-amz-meta-s3b-last-modified: 20180711T110526Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 03:28:46 GMT
Etag: "8dc1f3efcbd7fcd69ac9f90e0b8732f8"
Age: 29476
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990971.cloudfront.net (CloudFront)
X-Amz-Cf-Id: gs6aPdx-itQLFNBAz4JL9gE9ENijIMtDkv44d2Ure2sqVtoZOO6Cnw==


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   5147
Md5:    8dc1f3efcbd7fcd69ac9f90e0b8732f8
Sha1:   5da77379386c6925c1c69abfa7ab5122e220f295
Sha256: ddb143e0347a1275e48fa66ac69e42ed33e561dd4fd41954769385ff820590bf
                                        
                                            GET /qbsc/lp/w/26/qbsc/maafee.jpg HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 4223
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 06:46:33 GMT
x-amz-meta-s3b-last-modified: 20180711T110526Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 03:28:46 GMT
Etag: "4234d1ecab4a8868489e071da5e8b934"
Age: 29476
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714d.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 22056l1xenbx9ren7McSUMtIyWr7nMKgsjFULKSiXBysYsboUcj3vQ==


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   4223
Md5:    4234d1ecab4a8868489e071da5e8b934
Sha1:   9aa4d66a0632a0ab89e27fc8c4447774681bc747
Sha256: 96fb69957d90746dcb198b3e1c2496b4654ccf660d72ba1da0446058dca14d69
                                        
                                            GET /qbsc/lp/w/26/qbsc/plus.png HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 15170
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 06:46:34 GMT
x-amz-meta-s3b-last-modified: 20180711T110526Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 03:28:46 GMT
Etag: "2a31fe8f5e579dc178cda4b6015246d9"
Age: 29476
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990971.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6VWcGCv7Vq448J5Ao3jkzY4OY-tLYS_IraZLIo_Qz5C4UdxDZtyFkw==


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGBA, non-interlaced
Size:   15170
Md5:    2a31fe8f5e579dc178cda4b6015246d9
Sha1:   e4baab1b0442d95bb629d861393c5d0942a020ad
Sha256: 2a2a438bc27e48e44a4f28b71fd8c35ae86f7f26dfe6fa68af66f816d2fd4ca7
                                        
                                            GET /qbsc/lp/w/indicator/logo/qbsc.png HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 4491
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 11:17:41 GMT
x-amz-meta-s3b-last-modified: 20190221T094502Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 03:28:46 GMT
Etag: "906e6c2a7777e7422f4667c84d703948"
Age: 29476
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714d.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CUIY-iR9YMOqEXHaRbu4d23jBIlAlcy1uj7RPZI417i-8_H5ryZqRQ==


--- Additional Info ---
Magic:  PNG image, 20 x 22, 8-bit/color RGBA, non-interlaced
Size:   4491
Md5:    906e6c2a7777e7422f4667c84d703948
Sha1:   1f43c5a1bd915ae61ad296a72575808507aa6e18
Sha256: 6e83b7763b1fc00580a6d8e5ad7f4e35e973b44a4dc41a05e2973fc8b3d76ab1
                                        
                                            GET /lp/indicator/indicator.js HTTP/1.1 
Host: www.tunetoppc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Cookie: ASP.NET_SessionId=guo3un2dwrpe4wwsxj00skdp; __utma=11459249.417237410.1553168401.1553168401.1553168401.1; __utmb=11459249.1.10.1553168401; __utmc=11459249; __utmz=11459249.1553168401.1.1.utmcsr=wfxmrkt|utmccn=wfxmrkt|utmcmd=(not%20set); __utmt=1

                                         
                                         63.143.46.130
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Wed, 11 Jul 2018 11:05:26 GMT
Accept-Ranges: bytes
Etag: "85d3f12719d41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 11:40:06 GMT
Content-Length: 2278


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   2278
Md5:    585e14cfb0c9697940a2793e25fad34f
Sha1:   ddc78942fac93464d0bec5abcb474862d504e68e
Sha256: 6d154c8ccb35538560c0c0eb22a991f4534cf4923df38de8a712219a22cd1e0b
                                        
                                            GET /qbsc/lp/w/26/qbsc/Windows_7.png HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 9349
Connection: keep-alive
Date: Tue, 19 Mar 2019 16:54:10 GMT
Last-Modified: Fri, 15 Mar 2019 06:46:34 GMT
Etag: "7854d1e36d5cde71e6d77a7b59ae79ca"
x-amz-meta-s3b-last-modified: 20180711T110526Z
Accept-Ranges: bytes
Server: AmazonS3
Age: 67410
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3f.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Sr50R4nrJXK3zbDrtFO-PbEsCWcBadXsICxsWYkTQmkq4bmdNYRHFA==


--- Additional Info ---
Magic:  PNG image, 64 x 64, 8-bit/color RGBA, non-interlaced
Size:   9349
Md5:    7854d1e36d5cde71e6d77a7b59ae79ca
Sha1:   a9fa36cc80d0896ea425c6c57f0e7330eb9844eb
Sha256: 2e2cfcf39ab533b50eb0c827ddab4f3d575b2faaf7499df3ef4d7f11456b9331
                                        
                                            GET /lp/lp/lp26/lp26.js HTTP/1.1 
Host: www.tunetoppc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Cookie: ASP.NET_SessionId=guo3un2dwrpe4wwsxj00skdp; __utma=11459249.417237410.1553168401.1553168401.1553168401.1; __utmb=11459249.1.10.1553168401; __utmc=11459249; __utmz=11459249.1553168401.1.1.utmcsr=wfxmrkt|utmccn=wfxmrkt|utmcmd=(not%20set); __utmt=1

                                         
                                         63.143.46.130
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 11 Jul 2018 11:05:25 GMT
Accept-Ranges: bytes
Etag: "80488511719d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 11:40:06 GMT
Content-Length: 1162


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1162
Md5:    f2a052ea5c1b6cd25f0ba6801ddd493f
Sha1:   de3d09850dc850593faa212e22a0641085e92373
Sha256: 543ea649167e28e19fda18ad51378965c197cf0a9c811fa863e35ede758fd62e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.217.43
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Mar 2019 15:43:12 GMT
Etag: 89F357D4A8DF8C4033192ADE799CE5032C824D90
X-OCSP-Responder-ID: mcdpcaocsp4
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=273217
Expires: Sun, 24 Mar 2019 15:33:38 GMT
Date: Thu, 21 Mar 2019 11:40:01 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e7e183436d1312ba61da1e854a6eb66f
Sha1:   89f357d4a8df8c4033192ade799ce5032c824d90
Sha256: 06f7baaf7e96396cbe38f4eb0e02936b3208b14c4c68b1607b975af65c31665c
                                        
                                            GET /qbsc/lp/w/26/qbsc/Download-Now.gif HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 1635
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 06:46:33 GMT
x-amz-meta-s3b-last-modified: 20180711T110526Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 03:28:46 GMT
Etag: "203a5d4d1b0c8b7c3588da6529a8b94b"
Age: 29476
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fbb.cloudfront.net (CloudFront)
X-Amz-Cf-Id: wmoQEiyce957ycKfr3geDxGcfQe_G4DSvtgnBdm4ea5nUr98aqZOgA==


--- Additional Info ---
Magic:  GIF image data, version 89a, 26 x 31
Size:   1635
Md5:    203a5d4d1b0c8b7c3588da6529a8b94b
Sha1:   a6aca5afd9262b221594e04ca0ed90068535335d
Sha256: 8f094338ef7773d0c57d1d53f171af40044599ec43ce5c3a3f9ed72d07638ee1
                                        
                                            GET /qbsc/lp/w/26/qbsc/minus.png HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 15103
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 06:46:33 GMT
x-amz-meta-s3b-last-modified: 20180711T110526Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 03:28:46 GMT
Etag: "3d1c2900ef2b31da0efb76bec6ed0244"
Age: 29476
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Id: vWbvT_2rvqp-wztoZkAi4CRTdk46hyrNciZtZLe_9SJWQo22pRoMUA==


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGBA, non-interlaced
Size:   15103
Md5:    3d1c2900ef2b31da0efb76bec6ed0244
Sha1:   3593eb8067ba170aada7ad28efe2f009f8814149
Sha256: dab00997015f0c57a666785c43c9afbede66339ecf81ba661adf510feefc2eaf
                                        
                                            GET /jquery-migrate-1.0.0.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         205.185.208.52
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Thu, 21 Mar 2019 11:40:01 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 5347
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Server: nginx
Etag: W/"54499a48-3d75"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1553168401.dop009.sk1.t,1553168401.cds057.sk1.shn,1553168401.dop009.sk1.t,1553168401.cds063.sk1.c


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5347
Md5:    5921e5de37563c5de9aa73cc4cd94dc7
Sha1:   1fb632cdfc35b783394b2ba623981578e0a98f0a
Sha256: ef505a6d11d7cd7c6196877a62420f4499261b27269b9fe6c6829d3ec4a11f5e
                                        
                                            GET /lp/js/custom.js HTTP/1.1 
Host: www.tunetoppc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Cookie: ASP.NET_SessionId=guo3un2dwrpe4wwsxj00skdp; __utma=11459249.417237410.1553168401.1553168401.1553168401.1; __utmb=11459249.1.10.1553168401; __utmc=11459249; __utmz=11459249.1553168401.1.1.utmcsr=wfxmrkt|utmccn=wfxmrkt|utmcmd=(not%20set); __utmt=1

                                         
                                         63.143.46.130
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 11 Jul 2018 11:05:26 GMT
Accept-Ranges: bytes
Etag: "0df1d12719d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 11:40:06 GMT
Content-Length: 1446


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1446
Md5:    16f0fb9988114b22cafda7e94cdedbce
Sha1:   ec04e3ee07b7f258227f1e7503e567bd291b545d
Sha256: 5d818c7e2f444b4cc0821fc60f8415532a460cd95b67686cff4416ee31edc7f3
                                        
                                            GET /lp/lang/indicator/en.json HTTP/1.1 
Host: www.tunetoppc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Cookie: ASP.NET_SessionId=guo3un2dwrpe4wwsxj00skdp; __utma=11459249.417237410.1553168401.1553168401.1553168401.1; __utmb=11459249.1.10.1553168401; __utmc=11459249; __utmz=11459249.1553168401.1.1.utmcsr=wfxmrkt|utmccn=wfxmrkt|utmcmd=(not%20set); __utmt=1

                                         
                                         63.143.46.130
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Last-Modified: Wed, 11 Jul 2018 11:05:24 GMT
Accept-Ranges: bytes
Etag: "eae02011719d41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 11:40:06 GMT
Content-Length: 1812


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) English text, with CRLF, LF line terminators
Size:   1812
Md5:    73b4b2cccdd14e62b86efb186cc73be0
Sha1:   712c47830ea10960cdab2746d75e12b33c6d12dd
Sha256: 70e4dcf8cce0b56e3fc11dc6496bd26fd05e4b4b521f37e20cc05bdea3b67a64
                                        
                                            GET /qbsc/lp/w/26/qbsc/bluedownload.png HTTP/1.1 
Host: d3ooh7n2f0ku5s.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1

                                         
                                         143.204.47.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 1225
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2019 06:46:33 GMT
x-amz-meta-s3b-last-modified: 20180711T110526Z
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 21 Mar 2019 03:28:46 GMT
Etag: "00b3a2e88c2050798f1f48c06e40abec"
Age: 29476
X-Cache: Hit from cloudfront
Via: 1.1 f7b07679ea4f3642f4316819f86992ab.cloudfront.net (CloudFront)
X-Amz-Cf-Id: mD6g8dJKNpauzjhQuwt-0E6kZ0p4ZUtcYhiIPzgkzMyfrgFMzQIqqg==


--- Additional Info ---
Magic:  PNG image, 21 x 20, 8-bit/color RGBA, non-interlaced
Size:   1225
Md5:    00b3a2e88c2050798f1f48c06e40abec
Sha1:   b470cecf0e3e457551305a1b085dbb67860549fe
Sha256: dc7d17ea28c4a7d631119ef96652f417ecd3fd136bd0837378b9af68b6315803
                                        
                                            POST /lp/ajax/Default.aspx/TrackLpView HTTP/1.1 
Host: www.tunetoppc.live
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Referer: http://www.tunetoppc.live/lp/fxmrkt/?fd=qbsc&x-context=w1GLIGH9ESMTFR6LHVN2TS9K&utm_source=wfxmrkt&utm_campaign=wfxmrkt&pxl=WFX3591_WFX3519_RUNT&utm_pubid=672&x-at=9b83ef8a-3a8b-42d7-b17a-f753d436b450&override=1
Content-Length: 230
Cookie: ASP.NET_SessionId=guo3un2dwrpe4wwsxj00skdp; __utma=11459249.417237410.1553168401.1553168401.1553168401.1; __utmb=11459249.1.10.1553168401; __utmc=11459249; __utmz=11459249.1553168401.1.1.utmcsr=wfxmrkt|utmccn=wfxmrkt|utmcmd=(not%20set); __utmt=1
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         63.143.46.130
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Cache-Control: private, max-age=0
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 11:40:06 GMT
Content-Length: 21


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   21
Md5:    d1d1d6c7cd37835bd317612e857e1097
Sha1:   73f7494d311bd548a11d1c9b21e2c942882427f6
Sha256: 83b68d422dab4ab088db41cf93da331e97af250ebf8964f1b5f1e8527f090ea5