Overview

URL sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
IP64.136.20.36
ASNAS13446 Netzero,INC.
Location United States
Report completed2017-08-08 15:02:17 CEST
StatusLoading report..
urlQuery Alerts Detected suspicious URL pattern


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 64.136.20.36

Date UQ / IDS / BL URL IP
2017-10-20 01:46:42 +0200
0 - 1 - 0 shortcsd.bappy.com/chrisoc/wa0m.html 64.136.20.36
2017-10-15 18:32:43 +0200
0 - 1 - 0 doityohr.itgo.com/bou/jut.html 64.136.20.36
2017-10-04 15:24:51 +0200
0 - 1 - 0 raney682.tvheaven.com/asarm/estra1395.html 64.136.20.36
2017-10-02 17:27:50 +0200
2 - 0 - 0 remobonsi.tvheaven.com/38233.html 64.136.20.36
2017-10-02 11:21:05 +0200
0 - 1 - 0 hamptoep.00books.com/stnm/dressin8g.html 64.136.20.36
2017-09-11 11:44:59 +0200
0 - 0 - 4 www.wcmotc.freeservers.com/twinpoems.html 64.136.20.36
2017-09-10 16:57:35 +0200
0 - 0 - 5 shahidafridi.itgo.com/ 64.136.20.36
2017-09-05 19:36:05 +0200
0 - 0 - 4 umewwww.itgo.com/feed.html 64.136.20.36
2017-09-04 11:46:20 +0200
0 - 1 - 0 adultb3v.bappy.com/pu6/lavagirl-costume-ifr.html 64.136.20.36
2017-09-01 14:23:23 +0200
0 - 1 - 5 howdop6i.gqnu.net/how-d9/900cc-is-how3r.html 64.136.20.36

Last 10 reports on ASN: AS13446 Netzero,INC.

Date UQ / IDS / BL URL IP
2017-10-22 08:59:17 +0200
0 - 0 - 0 louis3004212.nstemp.net/ 64.136.20.37
2017-10-20 11:04:54 +0200
0 - 1 - 0 ghnwkeor.iwarp.com/phots/tchfuel313.html 64.136.20.43
2017-10-20 11:00:49 +0200
0 - 0 - 4 ndek20.reunionwatch.com/songsy/ 64.136.20.37
2017-10-20 10:06:00 +0200
0 - 1 - 0 springu9.cz28.com/gi-8r/carole-hunt-pfz.html 64.136.20.37
2017-10-20 10:00:16 +0200
0 - 1 - 0 pigroajt.worldbreak.com/p4g/traeger-rump-fn.html 64.136.20.33
2017-10-20 07:56:31 +0200
0 - 1 - 4 carving.mystarship.com/afrim6/dora-and97.html 64.136.20.44
2017-10-20 01:46:42 +0200
0 - 1 - 0 shortcsd.bappy.com/chrisoc/wa0m.html 64.136.20.36
2017-10-18 19:57:41 +0200
0 - 0 - 0 thirdpartyoffers.netzero.net/TGL3232/59e78f42 (...) 64.136.53.216
2017-10-18 14:26:32 +0200
0 - 0 - 0 webmaila.juno.com/webmail/new/21 64.136.53.84
2017-10-18 12:54:55 +0200
0 - 1 - 0 simple38.scriptmania.com/fruifo/carvingk5.html 64.136.20.31

No other reports on domain: .



JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (5)

#1 JavaScript::Write (size: 1658, repeated: 1) - SHA256: b41a144fcd5eac30e7f8fd9379b9a880c381917cb3559d9984013ba5bc059314

                                        < !DOCTYPE html > < html > < head > < title > OpenX < /title><base target='_top'/ > < /head><body style='margin:0;padding:0'><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http:/ / uol - d.openx.net / w / 1.0 / rr ? ts = 1 fHU9MXxyaWQ9NzNkOTIwNTUtMGMxZC00NWU2LWE5Y2UtYzFkNDM3ZWJhNWE3fHJ0PTE1MDIxOTczMDN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0zM2FiN2ZjYi01MjViLTQxOGMtODhkOC0xOThjYzZlNTZkNzN8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1lZjZZeVRta2lz '/></div><script type='
text / javascript '> (function() {
    var spoutjs = document.createElement('script'),
        firstjs = document.getElementsByTagName('script')[0];
    spoutjs.async = 1;
    spoutjs.src = '//cdn.spoutable.com/ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js';
    firstjs.parentNode.insertBefore(spoutjs, firstjs)
})(); < /script><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http:/ / uol - d.openx.net / w / 1.0 / ri ? ts = 1 fHU9MXxyaWQ9NzNkOTIwNTUtMGMxZC00NWU2LWE5Y2UtYzFkNDM3ZWJhNWE3fHJ0PTE1MDIxOTczMDN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0zM2FiN2ZjYi01MjViLTQxOGMtODhkOC0xOThjYzZlNTZkNzN8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1lZjZZeVRta2lz '/></div></body></html>
                                    

#2 JavaScript::Write (size: 347, repeated: 1) - SHA256: cf5dd2810c7c0f5c50ad6d1c1c952e0baef20afc17c65287320d3e4eefb72685

                                        < a href = 'http://www.liveinternet.ru/click;prostitut'
target = _blank > < img src = '//counter.yadro.ru/hit;prostitut?t11.1;r;s1176*885*24;uhttp%3A//sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html;0.3550551660602621'
alt = ''
title = 'LiveInternet: ?>:070=> G8A;> ?@>A<>B@>2 70 24 G0A0, ?>A5B8B5;59 70 24 G0A0 8 70 A53>4=O'
border = '0'
width = '88'
height = '31' > < /a>
                                    

#3 JavaScript::Write (size: 18, repeated: 1) - SHA256: e2b8f0350a42dcb3b5ad50eac76c66e9411b84ced96f23a5799eeff58f8be83e

                                        < br / > & nbsp; < /div>
                                    

#4 JavaScript::Write (size: 99, repeated: 1) - SHA256: 07306e0da1b2922ee64e0c777390d8b3549a533e5d249189a1f2a58c9c3ba6be

                                        < div id = "slashpage"
style = "position: absolute; z-index: 100; color: white; background-color:white" >
                                    

#5 JavaScript::Write (size: 114, repeated: 1) - SHA256: 8ff884bb533b0c84d28c3ae83474efafa1e112cdb8285dd9a9191949f94897ee

                                        < iframe name = "splashpage-iframe"
src = "about:blank"
style = "margin:0; padding:0; width:100%; height: 100%" > < /iframe>
                                    


HTTP Transactions (115)


Request Response
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         64.136.20.44
HTTP/1.1 200 Special Default
Content-Type: image/gif
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Wed, 27 Jul 2011 09:23:13 GMT
Content-Length: 1406
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1406
Md5:    d009cced4ed43383291700a3b7a18f86
Sha1:   eff142aafd81e111c728ccf1f1df36cf1c244dce
Sha256: 748f652b4067e9b431761049ae7e3b77e5cf4d3042b2cd7a3b5da379d95d8dab
                                        
                                            GET /w/1.0/jstag HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Vary: Accept-Encoding
Server: OXGW/11.99.7
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Tue, 08 Aug 2017 14:01:42 GMT
Date: Tue, 08 Aug 2017 13:01:42 GMT
Content-Length: 17276
Content-Encoding: gzip
Cache-Control: max-age=3600


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17276
Md5:    994d3f6b84dccedce872b00bf7f1100c
Sha1:   3fb980fa4316202cd1c7aeab62a970f2f4eaaa1d
Sha256: 824aae6e243547ad5e5f7425c6c3cd24a2992f92ef6064b558b633fa377310c5
                                        
                                            GET /gjhyj-ajnj-vfvrb.html HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Filter-Revision: 1.220
Last-Modified: Thu Feb 14 12:53:37 2013 GMT
Content-Length: 14454
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text
Size:   18550
Md5:    21cffc63905b84c5352e250bcff2b0b1
Sha1:   accce28838772a2e9832ce73deaf8ec78aec93fc
Sha256: 7019052be2331dbb2f25d28d9c02b7f41e23d5d7448eab94bb5d286eec380bb7
                                        
                                            GET /style.css HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:48 GMT
Etag: "2881cee-267-511cde5c"
Accept-Ranges: bytes
Content-Length: 615
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CR line terminators
Size:   615
Md5:    322ae528ca6f721fb4f5db5014d51e48
Sha1:   7357dc45bd9f26ce9b6269dc057b827d6d35b1bb
Sha256: 87aee55fab1890e0b233b9f52e3a9a84bea132fc45874bb5bf72188d5e2f3654
                                        
                                            GET /js/prostitut/menu6.js HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:41 GMT
Content-Length: 3298
Connection: keep-alive
Last-Modified: Tue, 24 Mar 2015 08:11:05 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   3298
Md5:    28fd08847654c2ad4bc7c210b9a8a2af
Sha1:   2b591f15f9deb8c6b447fb6dd2f102f3f4987359
Sha256: 122eb6f3dcbadcff49b547d8b56876e3474b1626c3dc483ab2707b8437bbdefd
                                        
                                            GET /logo.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:37 GMT
Etag: "2dc1524-ef9-511cde51"
Accept-Ranges: bytes
Content-Length: 3833
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   3833
Md5:    e00359a1736696a0ef1df647005a68f1
Sha1:   00bff441936066ca95256cbd1be435b0436a3ecf
Sha256: 3534a8f58144faa0f02d4232bfa7a0e110d47ef3a3ee3252d382923b4defe42e
                                        
                                            GET /fs_img/js/set_homepage.js HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 25 Jun 2009 09:12:35 GMT
Etag: "2ea18-6cb-4a433f83"
Accept-Ranges: bytes
Content-Length: 1739
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1739
Md5:    65d1bd2fb6b2997618d4487d7f0c458b
Sha1:   e176f2620fb4c3b22e8877d0770f68bed8e1421f
Sha256: 24fcc4b766d9485b2e8276c0fd71fb9f129b0e2fbc90e073afbe8a7cbd3b199b
                                        
                                            GET /basic.css HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:35 GMT
Etag: "5aef09-1dd-511cde4f"
Accept-Ranges: bytes
Content-Length: 477
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text
Size:   477
Md5:    ab6ea158018bd132d5708f8f469b1888
Sha1:   6791bccf4b2917e2ee6af60c5b06b1bda89a8a23
Sha256: be71ff8fbcbb143fa3545aaf9267616401bc913c417df0921076371434a1b8d5
                                        
                                            GET /cgi-bin/image/images/bannertype/100X22.gif HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Fri, 20 Apr 2001 21:43:04 GMT
Content-Length: 651
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 22
Size:   651
Md5:    73da55db643b8c2941f91c7ff18d058c
Sha1:   4238810ca9811d5de2e1653bd1892444b7b39a60
Sha256: 8364c09db7f2da436f6a3a620c0709fc8a4cfb159614012865431a06807fc175
                                        
                                            GET /p10019.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:39 GMT
Etag: "b13847-e3f-511cde53"
Accept-Ranges: bytes
Content-Length: 3647
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3647
Md5:    16bf23209c338aafa692d10105675e1e
Sha1:   bca711047a969177d6fbb404f82fd903b51a0b7f
Sha256: 2d6ea0b72491e68bdb85f6ad968b3d21587091e96cc32dc7e4c3212bec3423dc
                                        
                                            GET /p10040.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:41 GMT
Etag: "b569d2-81b-511cde55"
Accept-Ranges: bytes
Content-Length: 2075
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   2075
Md5:    ad5a17c107e6fc2009e064baab0b49cd
Sha1:   845de0d45ad3b4e304d1e68f4d1bb9fca526aec2
Sha256: 7296438bca7a28aa2940583fed1e0b7ee724a8d08c31423d2c56fb9623e15cfd
                                        
                                            GET /p10063.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:44 GMT
Etag: "284bb28-9a3-511cde58"
Accept-Ranges: bytes
Content-Length: 2467
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   2467
Md5:    09e810d6fb8cf328679b491229dc4803
Sha1:   e4439623c3e286bae7f7372b486ed6ad5d7cd9fe
Sha256: 53f027ab310b325a7b04f19cd4a65e3f98b195c191926cb7e7c07946d7c6cb32
                                        
                                            GET /w/1.0/acj?ai=8dadddf9-02f5-4f1d-96a2-ee203045568e&o=946274156&callback=OX_946274156&ju=http%3A//sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C48&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=windows-1251&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         173.241.240.220
HTTP/1.1 302 Moved Temporarily
                                        
Set-Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303; Version=1; Expires=Wed, 08-Aug-2018 13:01:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.99.7
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://uol-d.openx.net/w/1.0/acj?cc=1&ai=8dadddf9-02f5-4f1d-96a2-ee203045568e&o=946274156&callback=OX_946274156&ju=http%3A//sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C48&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=windows-1251&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1
Date: Tue, 08 Aug 2017 13:01:43 GMT
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /w/1.0/acj?cc=1&ai=8dadddf9-02f5-4f1d-96a2-ee203045568e&o=946274156&callback=OX_946274156&ju=http%3A//sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C48&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=windows-1251&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Vary: Accept
Set-Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303; Version=1; Expires=Wed, 08-Aug-2018 13:01:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Tue, 08 Aug 2017 13:01:43 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   1013
Md5:    b43247638f3577915259824562cc929c
Sha1:   2cad430399e8736f2d514809e3ba3020609cbf29
Sha256: f6b934533ac2255ce1383ab57a409da2c731b4171ff3a3ff6adf8cb4ec22a11e
                                        
                                            GET /ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js HTTP/1.1 
Host: cdn.spoutable.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         104.20.68.222
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d3d98172863b585f4fe7eeef6e8b3d0d41502197303; expires=Wed, 08-Aug-18 13:01:43 GMT; path=/; domain=.spoutable.com; HttpOnly
x-amz-id-2: hACpRr2GJNvsVv+IJ7Sco5kMePfwmedGIVW74XGDGzMzIWPFmikf8IMzfS42d/OCUn8gJrzRiM4=
x-amz-request-id: 321A101396FC25AA
Last-Modified: Mon, 07 Aug 2017 16:26:31 GMT
Etag: W/"55e3bd8aae6e3f8dfec6a30c6c00df80"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:43 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aa7c6186429d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   830
Md5:    b93008db770708b345cf417cd87ab743
Sha1:   e47c0545c14b0c623064a6d0f967e85d596c1492
Sha256: f46788bdde3c0d172ac8b827d987d1b287d502a4f6f210dbd9239741081c2490
                                        
                                            GET /w/1.0/ri?ts=1fHU9MXxyaWQ9NzNkOTIwNTUtMGMxZC00NWU2LWE5Y2UtYzFkNDM3ZWJhNWE3fHJ0PTE1MDIxOTczMDN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0zM2FiN2ZjYi01MjViLTQxOGMtODhkOC0xOThjYzZlNTZkNzN8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1lZjZZeVRta2lz HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Tue, 08 Aug 2017 13:01:43 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /p10058.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:43 GMT
Etag: "26cd9ff-e3f-511cde57"
Accept-Ranges: bytes
Content-Length: 3647
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3647
Md5:    16bf23209c338aafa692d10105675e1e
Sha1:   bca711047a969177d6fbb404f82fd903b51a0b7f
Sha256: 2d6ea0b72491e68bdb85f6ad968b3d21587091e96cc32dc7e4c3212bec3423dc
                                        
                                            GET /p1008.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:45 GMT
Etag: "1f532ad-db3-511cde59"
Accept-Ranges: bytes
Content-Length: 3507
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3507
Md5:    501a54c1dce559fc3135fe7826fedce8
Sha1:   5033824dffc8b74d1c22fcfc6e96adc95d0879e5
Sha256: add183a52c84577c1f6b51631c72c04976be27b5affc41f91fd398acbe16b681
                                        
                                            GET /w/1.0/rr?ts=1fHU9MXxyaWQ9NzNkOTIwNTUtMGMxZC00NWU2LWE5Y2UtYzFkNDM3ZWJhNWE3fHJ0PTE1MDIxOTczMDN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0zM2FiN2ZjYi01MjViLTQxOGMtODhkOC0xOThjYzZlNTZkNzN8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1lZjZZeVRta2lz HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Timing-Allow-Origin: *
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Tue, 08 Aug 2017 13:01:43 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /p10014.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:38 GMT
Etag: "2dc152e-10f7-511cde52"
Accept-Ranges: bytes
Content-Length: 4343
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   4343
Md5:    15e52d11e2994b1512f16a333d501006
Sha1:   4b6041aeed94d3f395516cbf17d85aa6b94a4612
Sha256: 8023ad853c16580c28518e4b3e7d6f29d230f64b37435f5ba4f7d3d98fb2dead
                                        
                                            GET /p10032.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:40 GMT
Etag: "2efa626-ebc-511cde54"
Accept-Ranges: bytes
Content-Length: 3772
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3772
Md5:    adc2446d525b3d0f33a4dca26b2c2ba4
Sha1:   583b309bcea7532147a1d641e3dbe1ae12b26ca8
Sha256: e927d758e141a074358a305c9ae48f3dcfeab05466c8bb8e5abbd68548af6dbd
                                        
                                            GET /fs_img/js/pt.js HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Server: .V04 Apache
Last-Modified: Tue, 23 Dec 2008 06:18:16 GMT
Etag: "2ea17-133c-495082a8"
Accept-Ranges: bytes
Content-Length: 4924
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   4924
Md5:    5a579305a5ed446e5d235fdf055af4df
Sha1:   460970478d97e27013664cca14b24b312db5e837
Sha256: b7869a1ad7f1eec802fdbd1018fa315b26b3c92a13db66c9044dad80a8fc5b2f
                                        
                                            GET /p10050.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:42 GMT
Etag: "26cd9f7-92b-511cde56"
Accept-Ranges: bytes
Content-Length: 2347
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   2347
Md5:    bd629d95978a23903acae05970226240
Sha1:   819792d30edd1be0f387eff6923f589c4ecfb09d
Sha256: e8811667e55aa16213e678935ff0d6dcc5a418b7f3885f1bdb31be337fc58589
                                        
                                            GET /p10054.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:43 GMT
Etag: "26cd9fb-10f7-511cde57"
Accept-Ranges: bytes
Content-Length: 4343
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   4343
Md5:    15e52d11e2994b1512f16a333d501006
Sha1:   4b6041aeed94d3f395516cbf17d85aa6b94a4612
Sha256: 8023ad853c16580c28518e4b3e7d6f29d230f64b37435f5ba4f7d3d98fb2dead
                                        
                                            GET /p10023.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:39 GMT
Etag: "2efa61c-e55-511cde53"
Accept-Ranges: bytes
Content-Length: 3669
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3669
Md5:    18705e9ea51db7bfc23cbab8082b2db6
Sha1:   60de53f4867a57a279d23a770ec477afd846fbab
Sha256: 301dbf022ea7cf1b2a4eef3286d145f6252e3da4acfa9972c7471a8532bc58d0
                                        
                                            GET /p10053.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:42 GMT
Etag: "26cd9fa-96b-511cde56"
Accept-Ranges: bytes
Content-Length: 2411
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   2411
Md5:    a2542977807131013adb4022ca28b70b
Sha1:   a8a6ada82cda3bd0eb4a7d677c27dacc27d39d4f
Sha256: adf4575012b78d63a3d3d298a5fa139d0d795b1963b85ee7dc1850b912a3f24d
                                        
                                            GET /p1004.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:41 GMT
Etag: "b569d1-dc9-511cde55"
Accept-Ranges: bytes
Content-Length: 3529
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3529
Md5:    b66d1c1786ce890be9f53ada60ce1aa8
Sha1:   58bc773116139bf25359ef394d8f5abcaa67c9ab
Sha256: fe5cf3bc8eb61eec3880a0d9c331166b2740b80880d00b7092761ef42c7c8f8b
                                        
                                            GET /p10062.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:43 GMT
Etag: "1017619-874-511cde57"
Accept-Ranges: bytes
Content-Length: 2164
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   2164
Md5:    208556618759c0280fc4a4af2290315e
Sha1:   4a94f8757345d20b8af001877063f16cf8e36e3c
Sha256: e2737c74dd241306de9f0c30e1fbddd1a048b112ced880b0bcbf3bb28b0c15c5
                                        
                                            GET /p10047.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:41 GMT
Etag: "26cd9f3-df3-511cde55"
Accept-Ranges: bytes
Content-Length: 3571
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3571
Md5:    be1608e4e99ff05bd37aaa21e5af8320
Sha1:   8f945c4e56ce68478b5bcad82f0955e56e0be4f5
Sha256: 7d3025a17cf03ea15a90c015fced0cece71436b2d25609f97ec19a2f08c90cfd
                                        
                                            GET /p10046.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:41 GMT
Etag: "26cd9f2-bd4-511cde55"
Accept-Ranges: bytes
Content-Length: 3028
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3028
Md5:    440650f1c6331291b2cc967aab2d2477
Sha1:   4761e99424857a7d7866fcdad049d6b452fe5208
Sha256: e145eb2df232b235401b84cf951aed3605ff8ebb465770954f3f23aaea1533e2
                                        
                                            GET /fs_img/js/overlay.js HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Tue, 08 Aug 2017 13:01:42 GMT
Server: .V04 Apache
Last-Modified: Thu, 27 Aug 2009 10:08:37 GMT
Etag: "2ea14-1952-4a965b25"
Accept-Ranges: bytes
Content-Length: 6482
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   6482
Md5:    85f8bd82370a634fcb8f5aca3e407395
Sha1:   4065a0ff47a5b4f01df8c90adaa7a6781b4087c3
Sha256: 0c33d70a8a30833d45c2217aeaf8691b17d54c70c136593bf03f7b68109b84ed
                                        
                                            GET /p10052.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:42 GMT
Etag: "26cd9f9-ce7-511cde56"
Accept-Ranges: bytes
Content-Length: 3303
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3303
Md5:    341e4419ec2fd2c2e099c80d92a1add8
Sha1:   a1bfc870007bfd190c9dc6904536c6899db08326
Sha256: a16d84d92931022d0f7be946f326c17355b7aa3160c4c68c51a64066dc8f711d
                                        
                                            GET /p10036.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:40 GMT
Etag: "2efa62a-105a-511cde54"
Accept-Ranges: bytes
Content-Length: 4186
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   4186
Md5:    99d121132d515c3ab584aab03d91130b
Sha1:   b45918f6583913579ea6de16f92c6385c2ae14da
Sha256: af52d078e709978909221798ae709f70284f8713976a633cbd617c9426935e8b
                                        
                                            GET /p10018.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:38 GMT
Etag: "b13846-bcb-511cde52"
Accept-Ranges: bytes
Content-Length: 3019
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3019
Md5:    3c875ddfe47e91d2ea6fac920bf029ad
Sha1:   9edf8a7cdf0cc14487685bdc56096f24be8683e8
Sha256: 708bdcc38a3db469bf1ccaa3cd486048078fcbe405a7c08a82e7b2c3839bb55a
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 08 Aug 2017 11:03:59 GMT
Expires: Tue, 08 Aug 2017 13:03:59 GMT
Last-Modified: Tue, 01 Aug 2017 03:25:32 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 16022
Cache-Control: public, max-age=7200
Age: 7065


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16022
Md5:    09889dfa1a6bf800507b7a6799c45901
Sha1:   51b1c3f117a0874b6e5ea58bf9e8863c918db4aa
Sha256: 1c92948832be823e16d40195f5f66135368b5cb3f8a7833c3e25f558f16fecfb
                                        
                                            GET /hit;prostitut?t11.1;r;s1176*885*24;uhttp%3A//sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html;0.3550551660602621 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         88.212.196.103
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit;prostitut?q;t11.1;r;s1176*885*24;uhttp%3A//sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html;0.3550551660602621
Content-Length: 32
Expires: Sun, 07 Aug 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1PYROt1ydcfc1PYROt0022rI; path=/; expires=Tue, 07 Aug 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /p10059.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:43 GMT
Etag: "26cda00-11c4-511cde57"
Accept-Ranges: bytes
Content-Length: 4548
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   4548
Md5:    c542a9c241e878f1197b18bbc15c51a9
Sha1:   b1aa6fa7c8bb425879f620a7b8c7641178471f2f
Sha256: c0d6ca99be119a39eba1bea9cccc6c7b7dd54fc05d2b35d0e1eedaa80428584a
                                        
                                            GET /r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1801859949&utmhn=sesdirere.faithweb.com&utmcs=windows-1251&utmsr=1176x885&utmvp=1176x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Gjhyj%20ajnj%20vfvrb%20-%20%D0%9F%D1%83%D1%82%D0%B0%D0%BD%D0%B0%20%D0%97%D0%B8%D0%BD%D0%B0%D0%B8%D0%B4%D0%B0&utmhid=1541205341&utmr=-&utmp=%2Fgjhyj-ajnj-vfvrb.html&utmht=1502197305098&utmac=UA-4601892-10&utmcc=__utma%3D1.61133030.1502197305.1502197305.1502197305.1%3B%2B__utmz%3D1.1502197305.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=81124309&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 08 Aug 2017 13:01:45 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /hit;prostitut?q;t11.1;r;s1176*885*24;uhttp%3A//sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html;0.3550551660602621 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: FTID=1PYROt1ydcfc1PYROt0022rI

                                         
                                         88.212.196.103
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 08 Aug 2017 13:01:44 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 565
Expires: Sun, 07 Aug 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=0Q-zEg11nm9c1PYROu0022sK; path=/; expires=Tue, 07 Aug 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 89a, 88 x 31
Size:   565
Md5:    8ae759066cb36d981c42583fb4008ac6
Sha1:   1638ebdad7a9dbaab360b7cbdeefec634dba9348
Sha256: 37e5040ddf2330cfb46aa71dd88e40183fb9578c923551e26f7c417efca22883
                                        
                                            GET /best/go.php?sid=21 HTTP/1.1 
Host: ammagama.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         91.219.194.36
HTTP/1.1 302 Found
Content-Type: text/html; charset=Windows-1251
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:46 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Set-Cookie: goggle=goggle; expires=Tue, 08-Aug-2017 13:03:26 GMT
Location: /best/got.php?sid=21


--- Additional Info ---

Alerts:
  urlquery:
    - Detected suspicious URL pattern
                                        
                                            GET /p10035.jpg HTTP/1.1 
Host: sesdirere.faithweb.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: OX_ssn=5724780835; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 08 Aug 2017 13:01:43 GMT
Server: .V04 Apache
Last-Modified: Thu, 14 Feb 2013 12:53:40 GMT
Etag: "2efa629-cb7-511cde54"
Accept-Ranges: bytes
Content-Length: 3255
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   3255
Md5:    09f63964dc4ce4c5e4ad4319416e1dee
Sha1:   e3ef130c949ef692ea8278a8e74b72938abe2203
Sha256: 4453a63b1d31581551d2c94f797f7b7ac95b05daaf29e63ba9915bd297488291
                                        
                                            GET /best/got.php?sid=21 HTTP/1.1 
Host: ammagama.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: goggle=goggle

                                         
                                         91.219.194.36
HTTP/1.1 302 Found
Content-Type: text/html; charset=Windows-1251
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:46 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Set-Cookie: schema21=true; expires=Wed, 09-Aug-2017 13:01:46 GMT visited21=41; expires=Wed, 09-Aug-2017 13:01:46 GMT
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Location: http://allfreedating.ru/js/webcam/1/webcam.html


--- Additional Info ---

Alerts:
  urlquery:
    - Detected suspicious URL pattern
                                        
                                            GET /js/webcam/1/webcam.html HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=Windows-1251
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:46 GMT
Content-Length: 6028
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:27:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   6028
Md5:    637db5b872f54734c3d3d3eae4d5c487
Sha1:   91b360172221af410150149e57d4d022179f043b
Sha256: f164b135e846edee35df93d031d3d281c16f540cd4cc9454c3a3e28add756951
                                        
                                            GET /js/webcam/1/images/fancybox.css HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 4875
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text
Size:   4875
Md5:    a6f5443ad36af580d508034c7a6589ab
Sha1:   7d4bf4597254db61c56e251bab3e0a3042bb78d6
Sha256: 5bcd7d71152b2bcc7b1cd5781389cbda0347fed229c622c8b65f6db1091bac56
                                        
                                            GET /js/webcam/1/images/main_sty.css HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 11720
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   11720
Md5:    82173edec0f126cdbe91532eefb723f0
Sha1:   b69acdbf7798c9a3b4c8af65036a41a7d30c37a0
Sha256: bf6d2d34e79f466cc5e07a645d2a1c5adbc83296a785a9f8378fddbaee2565e5
                                        
                                            GET /js/webcam/1/images/css00000.css HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 146
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   146
Md5:    a4ac0f436c99c055c5fd74c33074aa24
Sha1:   dbbadd1ce4b1b796dc2fefeb423ae6b25ee19030
Sha256: 890aee3595958eb803d8d2746196db78137cc2d0e5a96dae9dc5b90927e9a6cd
                                        
                                            GET /js/webcam/1/images/css00001.css HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 747
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   747
Md5:    b0b30db19291e18952337b1250a1fe86
Sha1:   73baacf5411f44cbc008465b1b8a1eba60c790c3
Sha256: 7695e5b5a7c71ca0e97c457ee3a4d34deb04fadec5aea38466434de9be6c5895
                                        
                                            GET /js/webcam/1/images/13515373.jpg HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 132386
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   132386
Md5:    63cb34cdcdd1124d2f4306482a331f5a
Sha1:   38f1899592abc4b8dd4fdbae9d6b5dbc02a8752d
Sha256: f60c8f2da8c6439d342cc1183ef0b8d3271fc867d78118760b7a8d289ccab1a8
                                        
                                            GET /js/webcam/1/images/common-v.css HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 38757
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text
Size:   38757
Md5:    ef460894ac2d2b17b76d3a29e2264f24
Sha1:   c0916f95ce1413288b9d4e62da166de113f3bd44
Sha256: 12a9802355a36f86d8c074f22501288305015d729d18a558d73fa5bd9a75c9c3
                                        
                                            GET /js/webcam/1/images/header-h.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 8712
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 799 x 152, 8-bit/color RGBA, non-interlaced
Size:   8712
Md5:    46a1373b35192b4099b5c97e2785dd0c
Sha1:   1fb87b2b6944c19f4823f6c1d48f8b8ac7f13196
Sha256: 599a6751c0b9289c67b4fdbfde502ec98ba9709e97fee3c967ead00e76f737c5
                                        
                                            GET /js/webcam/1/images/dark0000.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 33662
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 100 x 160, 8-bit/color RGB, non-interlaced
Size:   33662
Md5:    259beeff0d37c7af8b8d3bb5f322880c
Sha1:   52b954791f02eb868c363ff7251c1c4a0b787bfb
Sha256: aab3122a645c4d2ee9a1c2d159a5795e32a652ecfb0d9cc7c6e863c1628e98fe
                                        
                                            GET /js/webcam/1/images/main-sha.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 1019
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 954 x 2, 8-bit/color RGBA, non-interlaced
Size:   1019
Md5:    2d8cb0909e1aac17e1e6ace44735c65c
Sha1:   c2ba655a482af20a2bc35ae03fa2f8843dfe2c89
Sha256: c370536f378f580f61ef41714d45c2393bbd6b2e78aef3676a3c1ba6580be457
                                        
                                            GET /js/webcam/1/images/banner-t.txt HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 202
Connection: keep-alive
Location: http://google.com/


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   202
Md5:    797bb434fa519999ef96344ad88b07e1
Sha1:   710ff1cedf87536e02d2066541b32c4df7f2d75f
Sha256: 75ff10750a3c866b4a04bb2f629823f34d93fad7465feca23f28c11cfdac5180
                                        
                                            GET /js/webcam/1/images/floral00.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 8039
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 120 x 120, 8-bit/color RGBA, non-interlaced
Size:   8039
Md5:    a0132f7a84fadeb15906bbfa81f17f18
Sha1:   757cff49e13b48a189307ae9aca01a49a583f9e0
Sha256: 01d22fa3eb472598fd598cc3d8977acd4ac2aba1651eb0291427dc0dc674774e
                                        
                                            GET /js/webcam/1/images/nav-bg00.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 8309
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 1060 x 76, 8-bit/color RGBA, non-interlaced
Size:   8309
Md5:    1a9a7c6c68c6445ba80b88456df18853
Sha1:   d4d75febbe05a704175ff0128e7b17a496422e04
Sha256: 1cac7d86b65f11e54321648990a3c6c9f3dfa9e01bfee1df9af4bf6d45c252c9
                                        
                                            GET /js/webcam/1/images/kteN-TiU.ttf HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/css00000.css

                                         
                                         91.219.194.36
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 202
Connection: keep-alive
Location: http://google.com/


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   202
Md5:    797bb434fa519999ef96344ad88b07e1
Sha1:   710ff1cedf87536e02d2066541b32c4df7f2d75f
Sha256: 75ff10750a3c866b4a04bb2f629823f34d93fad7465feca23f28c11cfdac5180
                                        
                                            GET /js/webcam/1/images/button_l.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 7925
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 400 x 252, 8-bit/color RGBA, non-interlaced
Size:   7925
Md5:    c4bda6d916a734467d4b11b8eadda4a8
Sha1:   698fa793f8deccf877f55d8b544fd5a18b2a0d77
Sha256: 41bf083aa1c36eae41f4a3bf552a36af2bf856aa053deebec96f840b0fafe83c
                                        
                                            GET /js/webcam/1/images/footer-w.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 112
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 2 x 1, 8-bit/color RGB, non-interlaced
Size:   112
Md5:    00760332b90747a2f9a93595e25aa6c5
Sha1:   b685b8495e5310e57b9d30296c6c650bee02b996
Sha256: cfde342b4c6cacc3c047f68b09c92e64345a3bc2602582dd078e036c87836819
                                        
                                            GET /js/webcam/1/images/main-bot.png HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         91.219.194.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:47 GMT
Content-Length: 3911
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2016 15:15:44 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 954 x 92, 8-bit/color RGBA, non-interlaced
Size:   3911
Md5:    0c8b2b0f672b0a35931d2fd17507b02a
Sha1:   d05767c0bb9817aa2108f65e5e50a6e9036bd7fa
Sha256: c690b586dcd49852c0a619c743fa8c453bbb8f3a2b05d71f8e4b1f0781165820
                                        
                                            GET / HTTP/1.1 
Host: google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         216.58.211.142
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: private
Referrer-Policy: no-referrer
Location: http://www.google.no/?gfe_rd=cr&ei=PLaJWcGuINOq8wexkIGIBw
Content-Length: 258
Date: Tue, 08 Aug 2017 13:01:48 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   258
Md5:    caf2c728015408e7def6d03277e2681e
Sha1:   57234d3b2dc177a3981f54eb74069f7a7d65b74e
Sha256: 49212cb95ec30feabfc2487770234fb043bc3e83d9150271178e5fed6d7a8fa5
                                        
                                            GET / HTTP/1.1 
Host: google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/css00000.css
Origin: http://allfreedating.ru

                                         
                                         216.58.211.142
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: private
Referrer-Policy: no-referrer
Location: http://www.google.no/?gfe_rd=cr&ei=PLaJWe39IMOq8weklAE
Content-Length: 255
Date: Tue, 08 Aug 2017 13:01:48 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   255
Md5:    f60fd69d339e9c1373bf8fce90dc48c9
Sha1:   e2b66e77f27b1d1fe820e762ac408c8f26a8b783
Sha256: b6f635f2f7999995a7cf3f6485b6b25e31e91e64aa24f40eaf93fe881bed68f3
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:49 GMT
Content-Length: 162
Connection: keep-alive
Set-Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309; expires=Wed, 08-Aug-18 13:01:49 GMT; path=/; domain=.runetki.com; HttpOnly
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:49 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa2d42a427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /?gfe_rd=cr&ei=PLaJWcGuINOq8wexkIGIBw HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/main_sty.css

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 08 Aug 2017 13:01:49 GMT
Expires: -1
Cache-Control: private, max-age=0
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 15435
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: NID=109=K2oBsZG0onZvj2WdRmpEhFfbVnDNjnQD1Jf7R_yCStGgHcRrttVMTw1L5EY-XirrMQ9B7gmLU75LSc-iVGqmHH-P5YFwsbTZFKi86wcV6I6pgIdXgoYagl9P9nEHnna_; expires=Wed, 07-Feb-2018 13:01:49 GMT; path=/; domain=.google.no; HttpOnly


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   15435
Md5:    44e29ba9940a99e91e2df9ab2deb7eac
Sha1:   0ba600f3eac244c54cc318ed998ec83b39a3baaa
Sha256: 45b5437682b63672a0ac09ef0bbd445b2fcb21dda8c71f139951707a3afc9e96
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa35464427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa39479427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa3d496427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa424bb427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa434c6427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa454d4427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa474e5427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa494f4427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa4c503427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa4e516427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa50522427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa51528427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa5b570427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa5d57c427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa5e7b54273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa5f589427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa617c74273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa61595427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa627d44273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/std/banners/4fc63db609d13.swf?srv=runetki.com&bid=112&lng=ru&cmp=&id=1312&cmp=903681&tp=4
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:50 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aaa635a5427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sesdirere.faithweb.com/gjhyj-ajnj-vfvrb.html
Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Set-Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303; Version=1; Expires=Wed, 08-Aug-2018 13:01:50 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1502197310|9D; Version=1; Expires=Wed, 23-Aug-2017 13:01:50 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/11.99.7
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Tue, 08 Aug 2017 13:01:50 GMT
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   138
Md5:    86ae984fe6b6754953199e155dd12c7b
Sha1:   a267e1e3990e96ab36e8b2cf0fdb9502d81fd316
Sha256: bc82f91682568c744b476b276198aa4227c1d986ff50a4a4242fa06a728bd3e4
                                        
                                            GET /pop.php?src=a583c57d266af63cec1db9f7f41016a2&delay=7&duration=10&expiration=1&poptype=up HTTP/1.1 
Host: tools.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.7.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 162
Connection: keep-alive
Set-Cookie: secret=YmY1MDU5MDA0MWNmMmJlODgzODVkMjhmZTIyZGVjYjBfMzc3Mjg4OTA0; Expires=Wed, 09-Aug-17 13:01:50 GMT; Path=/
Location: /pop.php?src=a583c57d266af63cec1db9f7f41016a2&delay=7&duration=10&expiration=1&poptype=up
Server: cloudflare-nginx
CF-RAY: 38b2aaa67362426d-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /pop.php?src=a583c57d266af63cec1db9f7f41016a2&delay=7&duration=10&expiration=1&poptype=up HTTP/1.1 
Host: tools.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309; secret=YmY1MDU5MDA0MWNmMmJlODgzODVkMjhmZTIyZGVjYjBfMzc3Mjg4OTA0

                                         
                                         104.20.7.232
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 08 Aug 2017 13:01:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Server: cloudflare-nginx
CF-RAY: 38b2aaa6f3a6426d-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3393
Md5:    c84847f798637563853036e106f1a978
Sha1:   0506617588a3bfc499d25c761e507d3da11c30a0
Sha256: 6a9dad26a9d012e720a66dbc4fcf81e99f21ae9a69de9cb26645c770f4bbbef9
                                        
                                            GET /pixel?google_nid=openx&google_cm&google_sc HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909

                                         
                                         216.58.209.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Date: Tue, 08 Aug 2017 13:01:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 292
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 08-Aug-2017 13:16:50 GMT; path=/; domain=.doubleclick.net


--- Additional Info ---
Magic:  HTML document text
Size:   292
Md5:    b6e453661d0ddf68898fe6de8bf77403
Sha1:   b5ada9403c9838f483e1ab74f2b4ac290bc5e26e
Sha256: 0cebcca4b12681a67614eb3055af0918df4f03b11d0ec0394a4c39e13d791829
                                        
                                            GET /pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.209.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB6F4pzU6GLPLJHUyTK2VOM&google_cver=1
Date: Tue, 08 Aug 2017 13:01:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 294
X-XSS-Protection: 1; mode=block
Set-Cookie: id=276850ff99706a94||t=1502197310|et=730|cs=002213fd486bc6835c226574df; expires=Thu, 08-Aug-2019 13:01:50 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnAgPyyIB2Ycps2MXap51ExaaLzZLFrpa3Jjg6Litxq0iTk3Ik_cg; expires=Thu, 08-Aug-2019 13:01:50 GMT; path=/; domain=.doubleclick.net; HttpOnly


--- Additional Info ---
Magic:  HTML document text
Size:   294
Md5:    bd88ab7245ca2d43a00b29225d04992b
Sha1:   d8359185379d26bea3a22ed45567fc921bf3d0ca
Sha256: 6e8c5794315b2c5e4f9e7fc1df11f1a3b05f69dbef56c037cdd341d23a046244
                                        
                                            GET /pstylerunetki.css HTTP/1.1 
Host: tools.runetki.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         5.79.69.210
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.11.13
Date: Tue, 08 Aug 2017 13:01:50 GMT
Last-Modified: Wed, 19 Jul 2017 13:35:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"596f6021-988"
Cache-Control: max-age=1800
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   587
Md5:    968344966e3cce374ff620edc17394ba
Sha1:   d825cf6c7174fb14ffffeb63fbd56c58878b7403
Sha256: 71ca9c832b100f31ea50e17ae3bdd29d061b31d34682b9bbf1925d15e38e6fa6
                                        
                                            GET /w/1.0/sd?id=537072991&val=CAESEB6F4pzU6GLPLJHUyTK2VOM&google_cver=1 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: i=52e2b83f-80bf-08eb-38b4-5b5c145b45d6|1502197303; pd=v2|1502197310|9D

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Server: OXGW/11.99.7
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Tue, 08 Aug 2017 13:01:50 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   460
Md5:    1b142030abfffb157012d212e141ce1f
Sha1:   a5cd47aae66c145b8060931c5e8cd7cdc83af369
Sha256: edde1995f66ac6856c2a4faaf8d909b11d5ee70cd5a6cf25e135561356fb5c24
                                        
                                            GET /js/webcam/1/images/kteN-TiU.ttf HTTP/1.1 
Host: allfreedating.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/css00000.css

                                         
                                         91.219.194.36
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.12.0
Date: Tue, 08 Aug 2017 13:01:50 GMT
Content-Length: 202
Connection: keep-alive
Location: http://google.com/


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   202
Md5:    797bb434fa519999ef96344ad88b07e1
Sha1:   710ff1cedf87536e02d2066541b32c4df7f2d75f
Sha256: 75ff10750a3c866b4a04bb2f629823f34d93fad7465feca23f28c11cfdac5180
                                        
                                            GET / HTTP/1.1 
Host: google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/images/css00000.css
Origin: http://allfreedating.ru

                                         
                                         216.58.211.142
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: private
Referrer-Policy: no-referrer
Location: http://www.google.no/?gfe_rd=cr&ei=PraJWZyrMcOq8weklAE
Content-Length: 255
Date: Tue, 08 Aug 2017 13:01:50 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   255
Md5:    cb39d9ede63c1b0db8603ee82b68ea5b
Sha1:   cc5bfed1661d7a851e22f120652307dc6240a83d
Sha256: 39df6a123926ab688566944fd2864f11bfef2b9b7fbbb16554e3030fce71367a
                                        
                                            GET /res/swf/a583c57d266af63cec1db9f7f41016a2/v.swf?rn=6 HTTP/1.1 
Host: tools.runetki.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://allfreedating.ru/js/webcam/1/webcam.html

                                         
                                         5.79.69.210
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
                                        
Server: nginx/1.11.13
Date: Tue, 08 Aug 2017 13:01:57 GMT
Content-Length: 443
Connection: keep-alive
Last-Modified: Thu, 28 Feb 2013 10:01:41 GMT
Etag: "512f2b05-1bb"
Cache-Control: max-age=120
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Macromedia Flash data, version 5
Size:   443
Md5:    fe3a8010701d59c6b4a0fb674b91327e
Sha1:   6bf534cb5df065aeca1535c8937ef1eb2c7efa92
Sha256: 0b62677a1af9b76189dee5598ce76d24316466622ec78b35a01f73fe0e619f5f
                                        
                                            GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 
Host: fpdownload2.macromedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.159.219.18
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Server: Apache
Last-Modified: Tue, 08 Aug 2017 08:33:41 GMT
Etag: "60c-55639d2111c20"
Accept-Ranges: bytes
Content-Length: 1548
Date: Tue, 08 Aug 2017 13:01:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  XML document text\012 XML document text
Size:   1548
Md5:    11bdb5b3d02154ce4ac35345c8e41314
Sha1:   0133c7cdcd9afa9960ab75c8cc3afd8521cc51c3
Sha256: 85b85ca5a3b05180175f2eee1fb2dd7a735b8a310f12cbb701329a147ca8442a
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:57 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:57 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad3f7d94273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:57 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:57 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad466b5427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:57 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:57 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad4c0374273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad697ae427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad6b0ea4273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad6d7c4427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad6f1044273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad737e9427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad7411d4273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad76000427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad7713a4273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad7a018427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad7d15f4273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad7f038427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad821884273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad84059427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad8519f4273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad8606c427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad881bc4273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad8a086427f-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1
                                        
                                            GET /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1 HTTP/1.1 
Host: promo.runetki.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dfc6d384ba8d22e260d5e2a47c27959051502197309

                                         
                                         104.20.6.232
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 08 Aug 2017 13:01:58 GMT
Content-Length: 162
Connection: keep-alive
Location: /res/tpl/im.swf?id=1312&bid=8518&server=runetki.com&langs=ru&campaign=720928&delay=7&duration=10&expiration=1&mediatype=1&header=1&poptype=up&sound=off&target=_blank&linkdest=model&bbgstyle=grad&bbggrad=shiny_white&btextcolor=CC0000&mbordercolor=666666&mhovercolor=FF0033&bfontfamily=Arial&mtextalign=left&category=2,3,4,6,7,8,9,10,11,12,14,15&dev=1
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 08 Aug 2017 15:01:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38b2aad8b1cc4273-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   162
Md5:    24cfe36ae484a6ee3c11174005860e98
Sha1:   477ae488b059f255d8b69318888f124febabfa7d
Sha256: 402425e502518e0a95cc8d9be3dc14586c6ab9625f4fe5ee2a371d9458fae4a1