Overview

URL thewylds.com/wp-includes/js/tinymce/plugins/wpemoji/
IP 74.91.252.2
ASN AS32392 Ecommerce Corporation
Location United States
Report completed 2017-10-13 01:04:57 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-10-13 2 www.30dagersendring.vip.advertproff.com/js/jquery.min.js Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/js/bootstrap.min.js Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/js/general.js Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/js/main1.js Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/js/jquery.fancybox.js Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/fonts/cJZKeOuBrn4kERxqtaUH3T8E0i7KZ (...) Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/fonts/xmB9oJNpSFKa3qTF2JABPj8E0i7KZ (...) Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/fonts/qZpi6ZVZg3L2RL_xoBLxWXhCUOGz7 (...) Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/js/commonJs.js Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/fonts/k3k702ZOKiLJc3WVjuplzHhCUOGz7 (...) Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/fonts/ah9xtUy9wLQ3qnWa2p-piXhCUOGz7 (...) Malware
2017-10-13 2 www.30dagersendring.vip.advertproff.com/js/getdetector.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 74.91.252.2

Date UQ / IDS / BL URL IP
2017-10-05 22:21:07 +0200 0 - 0 - 1 julianneseverson.com/ 74.91.252.2
2017-09-14 06:17:55 +0200 0 - 0 - 1 hosannahome.com/wordpress/ 74.91.252.2
2017-09-09 05:55:24 +0200 0 - 0 - 1 hosannahome.com/wordpress/ 74.91.252.2
2017-09-09 03:01:41 +0200 0 - 0 - 1 home.julianneseverson.com/74bb/huopx/function (...) 74.91.252.2
2017-09-05 22:38:56 +0200 0 - 0 - 1 home.julianneseverson.com/74bb/huopx/papkr342 (...) 74.91.252.2
2017-09-05 21:03:30 +0200 0 - 0 - 1 home.julianneseverson.com/74bb/huopx/32b3/tin (...) 74.91.252.2
2017-09-04 14:50:23 +0200 0 - 0 - 1 home.julianneseverson.com/74bb/huopx/papkr342 (...) 74.91.252.2
2017-09-04 12:35:31 +0200 0 - 0 - 1 home.julianneseverson.com/74bb/huopx/function (...) 74.91.252.2
2017-09-04 10:13:20 +0200 0 - 0 - 1 home.julianneseverson.com/74bb/huopx/alopr/co (...) 74.91.252.2
2017-09-04 09:48:44 +0200 0 - 0 - 1 home.julianneseverson.com/74bb/huopx/editors. (...) 74.91.252.2

Last 10 reports on ASN: AS32392 Ecommerce Corporation

Date UQ / IDS / BL URL IP
2017-12-13 23:13:20 +0100 0 - 1 - 0 angelbyheart.com/ 76.162.176.108
2017-12-13 23:04:05 +0100 0 - 0 - 2 africanitelife.com/domian/chaseonline.chase.c (...) 69.49.247.85
2017-12-13 23:02:43 +0100 0 - 0 - 1 www.1flexnaturalbodybuilding.com/contestupdat (...) 72.41.248.209
2017-12-13 23:02:01 +0100 0 - 0 - 1 www.africanitelife.com/domian/chaseonline.cha (...) 69.49.247.85
2017-12-13 22:59:55 +0100 0 - 0 - 1 prodistrales.com/www/includes/impots 72.41.199.2
2017-12-13 22:56:26 +0100 0 - 0 - 1 abuzaghleh.com/Menu/bnp/ID-2036587618311/Clie (...) 72.41.70.2
2017-12-13 22:54:58 +0100 0 - 0 - 1 etolly.com/administrator/compte/compt/kxfpsd 50.6.113.122
2017-12-13 22:54:03 +0100 0 - 0 - 1 amghamdi.com/OneDrive 72.41.61.248
2017-12-13 22:24:57 +0100 0 - 0 - 1 nocostincome.brubeckemkt.com/paypal.services. (...) 50.6.60.2
2017-12-13 22:22:25 +0100 0 - 0 - 1 nocostincome.brubeckemkt.com/paypal.services. (...) 50.6.60.2

No other reports on domain: thewylds.com



JavaScript

Executed Scripts (31)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (69)


Request Response
                                        
                                            GET /wp-includes/js/tinymce/plugins/wpemoji/ HTTP/1.1 
Host: thewylds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         74.91.252.2
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Thu, 12 Oct 2017 23:04:20 GMT
Server: Apache
Last-Modified: Fri, 06 Oct 2017 17:14:02 GMT
Etag: "2a0db09-66-55ae3f79eaa80"
Accept-Ranges: bytes
Content-Length: 102
Keep-Alive: timeout=3, max=120
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   102
Md5:    3156b0a752f9c6c95d71bdc6390816ab
Sha1:   d5f0dd97a357520577d42b8ffc1b6d420586ee41
Sha256: 90a1c0972c701c36b9e8f2089c5c17f0e28788abe37fda94400269a8506c298f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: thewylds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         74.91.252.2
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Thu, 12 Oct 2017 23:04:20 GMT
Server: Apache
Last-Modified: Thu, 04 Dec 2014 11:52:31 GMT
Etag: "1e8019c-1f1-5096298597dc0"
Accept-Ranges: bytes
Content-Length: 497
Keep-Alive: timeout=3, max=119
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   497
Md5:    e740b24e157b396d9ec1780ead3eedeb
Sha1:   2d45865dd178b8b54b3ddbaf1258243097bdd2e8
Sha256: 13263644374f11bb5b3ce19e036541b5ca271db63b0a45e990eaea25c30d306f
                                        
                                            GET /tracker?smart_link_id=2&aff_id=149 HTTP/1.1 
Host: vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.88.59.187
HTTP/1.1 302 Found
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:21 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0
Via: 1.0 proxy_track


--- Additional Info ---
                                        
                                            GET /?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0 HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:22 GMT
Content-Length: 9140
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Mon, 14 Aug 2017 08:37:50 GMT
Etag: "91b6-556b293fae3cb-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   9140
Md5:    d7567914084e1d292b45741344353ba2
Sha1:   a28882468edf7a7c1bac7d9819c7a5c3e5c15370
Sha256: e2be84aee718728b66cf8407954fb3bab51b114933b5f4727d9e9f40708cc82a
                                        
                                            GET /css/css.css HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:23 GMT
Content-Length: 1356
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:27:30 GMT
Etag: "2949-555617b34af93-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1356
Md5:    d1ffe66db51a042599b3e74297fa7ba5
Sha1:   e56543a59f0a0bcb0c9f56ce3b044e0f69c07d37
Sha256: 3d86b4d21a0eefe80233a9960f4bb6997fb71b768895611c3160355aef1080ca
                                        
                                            GET /css/jquery.fancybox.css HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:23 GMT
Content-Length: 1430
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:27:31 GMT
Etag: "135b-555617b4086c6-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1430
Md5:    557c29a4f424dc35fc9f1f639861642e
Sha1:   a9e0b8128c4936dbe1b611e4beb1760aa6513501
Sha256: f7cf467cf3da2933b1388c3a2b7c4483edb0ce7680252bf1922f68c272446554
                                        
                                            GET /css/main.css HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:23 GMT
Content-Length: 4319
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:27:32 GMT
Etag: "5935-555617b4c5df9-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4319
Md5:    d255f23262f62b260e1fd3ed20913f3f
Sha1:   bb55f841997ee252a087a71beb3eaea6e0c0b944
Sha256: 2afbb6b0d945d521c326f4a218e586d45876fbc2e65c4cbf4ecc5f33c2575be9
                                        
                                            GET /images/favicon.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:23 GMT
Content-Length: 6520
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:11 GMT
Etag: "1978-555617da4b2d8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   6520
Md5:    efbe23ee30f076430b3902d1d4654b8c
Sha1:   485918310f16d01eacf84e7156df51a6bde4712c
Sha256: 34cb28bc7163cf3e3bbb843780bf0dfb3ded9475f1bb2b96d8eb609f0d56fc0b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: thewylds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-
If-Range: "1e8019c-1f1-5096298597dc0"

                                         
                                         74.91.252.2
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Thu, 12 Oct 2017 23:04:23 GMT
Server: Apache
Last-Modified: Thu, 04 Dec 2014 11:52:31 GMT
Etag: "1e8019c-1f1-5096298597dc0"
Accept-Ranges: bytes
Content-Length: 497
Keep-Alive: timeout=3, max=120
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   497
Md5:    e740b24e157b396d9ec1780ead3eedeb
Sha1:   2d45865dd178b8b54b3ddbaf1258243097bdd2e8
Sha256: 13263644374f11bb5b3ce19e036541b5ca271db63b0a45e990eaea25c30d306f
                                        
                                            GET /css/bootstrap.min.css HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:23 GMT
Content-Length: 17160
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:27:30 GMT
Etag: "18678-555617b34ced3-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17160
Md5:    d52e4a39d65511c0e588d05cca5ae177
Sha1:   b7115b0ac9d3c516f476add4bf944f96a8924346
Sha256: dff6a28eb7f0719e18726665201b4aa3c1103e2258a089203a1daeb216068b27
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:23 GMT
Content-Length: 29497
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:28:30 GMT
Etag: "14915-555617ebe4f5c-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   29497
Md5:    5de8769c7ab306a22dc48d88d2af952b
Sha1:   bd8a7f0404cbdcb9c03ab876af55adfb8da1d629
Sha256: c0710b9760862129ed30e4422843de6c59b288985211a9e828647ea72d8526b8

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /css/loading-bar.css HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:23 GMT
Content-Length: 2008
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:27:31 GMT
Etag: "4d1e-555617b40b5a6-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2008
Md5:    a0b94d749175081aba007d27425a0e5c
Sha1:   0412012d20053a88d1a9bc07781edecf9cd0646c
Sha256: 9f4c435197bb04490d9e180efff6b5f58416ee2f6c746182a632d73bedc0ec11
                                        
                                            GET /js/bootstrap.min.js HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 7679
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:28:27 GMT
Etag: "71b6-555617e9a9ae4-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7679
Md5:    18c650acaadcdf582747aea91bebda89
Sha1:   254df0d455514d4888e4906993b3e72d5f56d2d0
Sha256: cd2d43b5075c59279839a156425c64abefa206144a4e7ee4a9c35c1157e1217a

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /js/general.js HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 1533
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:28:28 GMT
Etag: "f22-555617ea652d7-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1533
Md5:    8901d74323346336a59f1aec68c2500b
Sha1:   4d5b12da522438ea21c10871f2c94bed7a627742
Sha256: c1c79e09a2c8db45f1c4ffaf499505a45a8495fbe7b38176369347e4165a9545

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /js/main1.js HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 4237
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:28:30 GMT
Etag: "2c36-555617eca362e-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4237
Md5:    8880a108a59c47fbf0e7fb129051dacf
Sha1:   3e7795b12431fdbaf65b5fe7626cbc825045e82b
Sha256: c7fcd7e333e143d7b46de14aa1871f7f072e894fbde8107ded29975deb173194

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /embed/ljmlZnay8d4?autoplay=1&controls=0&disablekb=0&loop=1&modestbranding=0&rel=0&showinfo=0&playlist=ljmlZnay8d4 HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         172.217.22.174
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Content-Length: 0
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
X-Content-Type-Options: nosniff
Expires: Tue, 27 Apr 1971 19:44:06 EST
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
Location: https://www.youtube.com/embed/ljmlZnay8d4?autoplay=1&controls=0&disablekb=0&loop=1&modestbranding=0&rel=0&showinfo=0&playlist=ljmlZnay8d4
Cache-Control: no-cache
Date: Thu, 12 Oct 2017 23:04:24 GMT
Server: YouTube Frontend Proxy
Set-Cookie: VISITOR_INFO1_LIVE=VITHrUll1Pw; path=/; domain=.youtube.com; expires=Wed, 13-Jun-2018 10:57:24 GMT; httponly YSC=2lKmLgfN9j0; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=VITHrUll1Pw; path=/; domain=.youtube.com; expires=Wed, 13-Jun-2018 10:57:24 GMT; httponly


--- Additional Info ---
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.31.74.124
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 1570
Connection: keep-alive
Set-Cookie: __cfduid=d9be2af327a5a038317ca6d8b1ad0d65d1507849464; expires=Fri, 12-Oct-18 23:04:24 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Thu, 12 Oct 2017 19:00:22 GMT
Expires: Mon, 16 Oct 2017 19:00:22 GMT
Etag: "41c8f04513c6a50d2e56c5c875c114a1d6ba3ea5"
Cache-Control: public, no-transform, must-revalidate
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3acdb2b1c3b04273-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    2605fb7479b805cb90045dd022ca135b
Sha1:   41c8f04513c6a50d2e56c5c875c114a1d6ba3ea5
Sha256: fa3fe1c91ee128a1cde646b0e562901aaec241798769ce928eba9d5065926dd4
                                        
                                            GET /images/logo.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 13172
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:15 GMT
Etag: "3374-555617ddd46f8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 326 x 58, 8-bit/color RGBA, non-interlaced
Size:   13172
Md5:    0fc5f8d6b5c059e360972e09ccb1c968
Sha1:   c50c6d66f5d334075f4b72a0b1eab504f59ff221
Sha256: a10f982acbb209f22ff78d33bc9a8e9f18eb5b5c382089de5f7950229127ccdc
                                        
                                            GET /js/jquery.fancybox.js HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 13922
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:28:29 GMT
Etag: "be42-555617eb2b6a9-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13922
Md5:    711e2ae0ba4411cc4bb74bd9b04807f0
Sha1:   b33f3c310875a4854605c4069742ef4da52e1251
Sha256: 9c8d84c1d9442efa552a20abc517f5b6b66ce92e7edcc66f93b3c8de0474bb31

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/no_cc.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 5297
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:17 GMT
Etag: "14b1-555617e039b4d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 383 x 47, 8-bit colormap, non-interlaced
Size:   5297
Md5:    115e36f8928d406782b3d889492b70b0
Sha1:   0ee9497da976e864b2b321c1612cfd2c1f273ac3
Sha256: 7985e5a252773a731e7df4e4da1dc5f2f4bd910df4aa09ec3cb938d0a8bef6fd
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 12 Oct 2017 23:04:24 GMT
Expires: Mon, 16 Oct 2017 23:04:24 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    442e230201d5fb9579831804608d0c26
Sha1:   054436b2a24a54e955b8beca6d116ca9c8d68a0a
Sha256: 8d8f86ffb2f324d7641d23589c2dd875dfa64495f3d636f7b52359c89d1d51a7
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=351085, public, no-transform, must-revalidate
Last-Modified: Tue, 10 Oct 2017 00:34:08 GMT
Expires: Tue, 17 Oct 2017 00:34:08 GMT
Date: Thu, 12 Oct 2017 23:04:24 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    fccd40351d25d6f5eecda73fdef9b3d8
Sha1:   0d2d2f37814bb53b7dca796acc9ee278ef6297ba
Sha256: 23e276d6aa20791de9110019cb7992bae490040d4cc3a06678449d1b3f2063e4
                                        
                                            GET /iap/33b928570125e321 HTTP/1.1 
Host: pixel.sitescout.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         66.155.71.150
HTTP/1.1 302 Found
                                        
Set-Cookie: cookietest3=123; Domain=.sitescout.com
Location: http://pixel.sitescout.com/iap/33b928570125e321?cookieQ=1
Content-Length: 0
Date: Thu, 12 Oct 2017 23:04:24 GMT
Server: AC1.1


--- Additional Info ---
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 12 Oct 2017 21:50:39 GMT
Expires: Thu, 12 Oct 2017 23:50:39 GMT
Last-Modified: Thu, 28 Sep 2017 22:31:34 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14089
Cache-Control: public, max-age=7200
Age: 4425
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14089
Md5:    7b1f226d2f5f01597e62889513d4bc8c
Sha1:   ff78ed289a65fa3c91b0ff470fb0c6536bcab745
Sha256: 80eeeea7639a7b6a6205b8862b9060a7c60da47855e8dd9c74e64b0a0fce8b9a
                                        
                                            GET /iap/33b928570125e321?cookieQ=1 HTTP/1.1 
Host: pixel.sitescout.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0
Cookie: cookietest3=123

                                         
                                         66.155.71.150
HTTP/1.1 204 No Content
                                        
Cache-Control: max-age=0,no-cache,no-store
Pragma: no-cache
Expires: Tue, 11 Oct 1977 12:34:56 GMT
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Set-Cookie: ssi=e0b6fdc7-4460-4f3c-a3a0-b181fd638cc7; Domain=.sitescout.com; Expires=Fri, 12-Oct-2018 23:04:24 GMT; Path=/
Date: Thu, 12 Oct 2017 23:04:24 GMT
Server: AC1.1


--- Additional Info ---
                                        
                                            GET /images/jack.jpg HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 13555
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:13 GMT
Etag: "34f3-555617db9a220"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   13555
Md5:    b3773859f71c53793db9c1ddcbd6ed3a
Sha1:   9d11ab4b8cd10c0f9302ef40e2bffb0c4b53a838
Sha256: c1e3079ef3ced62b0f5b166b055f3fd71504288491d81a860fc37723ccf2c6dd
                                        
                                            GET /images/uk.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 2223
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:23 GMT
Etag: "8af-555617e566e10"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 30 x 20, 8-bit colormap, non-interlaced
Size:   2223
Md5:    39c18ee431fe1c6e6602e2cc74550820
Sha1:   41d73c26927253f5e9b0dddd3a581526a541d9c2
Sha256: 755af97d7980f73bab4be59067cdbde87e5f749d44e6f91c08b51adb48833208
                                        
                                            GET /images/badges.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 34786
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:05 GMT
Etag: "87e2-555617d436905"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 575 x 90, 8-bit/color RGBA, non-interlaced
Size:   34786
Md5:    f2bb8e35e9ee8ed5c1541783eaf8ddfe
Sha1:   ccec96129a46b9915d6cfa627e25ed46e51ef277
Sha256: 70fd0a6277f87c0dd9f46f9cb9763d207a8013f386f0ad4425555b031c49ce57
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 12 Oct 2017 23:04:25 GMT
Expires: Mon, 16 Oct 2017 23:04:25 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    4b45a06f488bc36f590ba9b61921b7d7
Sha1:   7611da687b1cb01236a61dfc29e35b2fc0ced459
Sha256: ca121f756e9fe64bc134d1c894236af096bcc89bfa9e49ed9fa20858b09384eb
                                        
                                            GET /metrika/watch.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         87.250.250.119
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.8.1
Date: Thu, 12 Oct 2017 23:04:24 GMT
Content-Length: 31070
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Wed, 11 Oct 2017 15:46:07 GMT
Content-Encoding: gzip
Expires: Fri, 13 Oct 2017 00:04:24 GMT
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000


--- Additional Info ---
Magic:  gzip compressed data, was "_metrika.js", from Unix, last modified: Wed Sep 20 15:59:28 2017
Size:   31070
Md5:    a4350063ff24c8473564d542455ec40c
Sha1:   f2b21568b1a574f4609da06be50d3acec1c11090
Sha256: 010dafc502cfeb744bc32ec88db8307fa3510a4901be77037da1d89f6b2ab185
                                        
                                            GET /collect?v=1&_v=j64&a=1109889777&t=pageview&_s=1&dl=http%3A%2F%2Fwww.30dagersendring.vip.advertproff.com%2F%3Fsession%3D58352713b3114a2eb42341aba9de4657%26aff_id%3D149%26l%3D0%26pl%3D0&ul=en-us&de=UTF-8&dt=30DayChange&sd=24-bit&sr=1176x885&vp=1159x754&je=1&fl=10.0%20r45&_u=IGBAgMQ~&jid=1594174363&gjid=1035260057&cid=612033094.1507849465&tid=UA-98871266-10&_gid=851829805.1507849465&z=1427128406 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Thu, 12 Oct 2017 18:15:21 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 17344
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /fonts/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/css.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 20248
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:27:36 GMT
Etag: "4f18-555617b8ffe2d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   20248
Md5:    ce659615885f33d928eb7fe276574106
Sha1:   84f97fc997632d2fffb788cd07c92241f178a9a1
Sha256: 819747b05df4938922997e60e199603ecb04f4d987331ba5c3f7db30a835c3bd

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /watch/45611652?wmode=5&callback=_ymjsp541379650&page-url=http%3A%2F%2Fwww.30dagersendring.vip.advertproff.com%2F%3Fsession%3D58352713b3114a2eb42341aba9de4657%26aff_id%3D149%26l%3D0%26pl%3D0&ut=noindex&browser-info=ti%3A6%3Aj%3A1%3As%3A1176x885x24%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1159x754%3Az%3A120%3Ai%3A20171013010425%3Aet%3A1507849466%3Aen%3Autf-8%3Av%3A897%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A668764196036%3Arqn%3A1%3Arn%3A25620094%3Ahid%3A597106273%3Awn%3A54816%3Ahl%3A1%3Arqnl%3A1%3Ast%3A1507849466%3Au%3A1507849466656813080%3At%3A30DayChange HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         87.250.250.119
HTTP/1.1 302 Found
                                        
Server: nginx/1.8.1
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Thu, 12 Oct 2017 23:04:25 GMT
Expires: Thu, 12 Oct 2017 23:04:25 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: yandexuid=8160580731507849465; domain=.yandex.ru; path=/; expires=Sun, 10-Oct-2027 23:04:25 GMT
Set-Cookie: yp=1823209465.yrts.1507849465; domain=.yandex.ru; path=/; expires=Sun, 10-Oct-2027 23:04:25 GMT
Set-Cookie: yabs-sid=444181611507849465; path=/
Set-Cookie: i=sE36b4VoAly2aC8mhvrnBs0atzgEzH8mJI6Z08JK//e4UUaE3YIEV+iq6ly87Y9SedQMYqofK32kDdnq9UF0y5yu900=; Expires=Sun, 10-Oct-2027 23:04:25 GMT; Domain=.yandex.ru; Path=/; HttpOnly
Location: https://mc.yandex.ru/watch/45611652/1?wmode=5&callback=_ymjsp541379650&page-url=http%3A%2F%2Fwww.30dagersendring.vip.advertproff.com%2F%3Fsession%3D58352713b3114a2eb42341aba9de4657%26aff_id%3D149%26l%3D0%26pl%3D0&ut=noindex&browser-info=ti%3A6%3Aj%3A1%3As%3A1176x885x24%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1159x754%3Az%3A120%3Ai%3A20171013010425%3Aet%3A1507849466%3Aen%3Autf-8%3Av%3A897%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A668764196036%3Arqn%3A1%3Arn%3A25620094%3Ahid%3A597106273%3Awn%3A54816%3Ahl%3A1%3Arqnl%3A1%3Ast%3A1507849466%3Au%3A1507849466656813080%3At%3A30DayChange
X-XSS-Protection: 1; mode=block


--- Additional Info ---
                                        
                                            GET /fonts/xmB9oJNpSFKa3qTF2JABPj8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/css.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 24064
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:27:58 GMT
Etag: "5e00-555617cdc7218"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   24064
Md5:    398d1b52d285f6757e8001748fa3cdcb
Sha1:   e4bce8648864998df0df471b319c27118c3a9b89
Sha256: cda6bc1eed3323a97dd9afccca2f940f221302ffcce82d8ec368a1cc952cce94

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /fonts/qZpi6ZVZg3L2RL_xoBLxWXhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/css.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 24008
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:27:54 GMT
Etag: "5dc8-555617ca0ff9b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   24008
Md5:    499d382694c5bf65f72b0dd7230ecc1c
Sha1:   3a76590dbc04d1c1a65e40fc69e89e1b50b0393c
Sha256: 823586b88caa4a2b83a4487236941c8074e2118ee596b775623962cd00a60acb

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 12 Oct 2017 23:04:25 GMT
Expires: Mon, 16 Oct 2017 23:04:25 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d38b66396bd72b1ee7812bd711f1d738
Sha1:   ba1cdba7c65bf0c75d29c292b3550afa7e12192f
Sha256: e93b664fe314ec2af081654cfbd9ee956b88b0798609795bbd53409beba32c52
                                        
                                            GET /embed/ljmlZnay8d4?autoplay=1&controls=0&disablekb=0&loop=1&modestbranding=0&rel=0&showinfo=0&playlist=ljmlZnay8d4 HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0
Cookie: VISITOR_INFO1_LIVE=VITHrUll1Pw; YSC=2lKmLgfN9j0

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
Date: Thu, 12 Oct 2017 23:04:25 GMT
Server: YouTube Frontend Proxy
Set-Cookie: PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 13-Jun-2018 10:57:25 GMT
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14083
Md5:    f09f400e7ed0051d7b492c2c34a47b3c
Sha1:   5fcb9aabb545e28fa3fcf8897a6a9c306aa5572c
Sha256: c7ade40986b2dc13eeca02e20b010179efca5c41082cd65ecf4d93114a0ee660
                                        
                                            GET /watch/45611652/1?wmode=5&callback=_ymjsp541379650&page-url=http%3A%2F%2Fwww.30dagersendring.vip.advertproff.com%2F%3Fsession%3D58352713b3114a2eb42341aba9de4657%26aff_id%3D149%26l%3D0%26pl%3D0&ut=noindex&browser-info=ti%3A6%3Aj%3A1%3As%3A1176x885x24%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1159x754%3Az%3A120%3Ai%3A20171013010425%3Aet%3A1507849466%3Aen%3Autf-8%3Av%3A897%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A668764196036%3Arqn%3A1%3Arn%3A25620094%3Ahid%3A597106273%3Awn%3A54816%3Ahl%3A1%3Arqnl%3A1%3Ast%3A1507849466%3Au%3A1507849466656813080%3At%3A30DayChange HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0
Cookie: yandexuid=8160580731507849465; yp=1823209465.yrts.1507849465; yabs-sid=444181611507849465; i=sE36b4VoAly2aC8mhvrnBs0atzgEzH8mJI6Z08JK//e4UUaE3YIEV+iq6ly87Y9SedQMYqofK32kDdnq9UF0y5yu900=

                                         
                                         87.250.250.119
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.8.1
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 132
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Thu, 12 Oct 2017 23:04:25 GMT
Expires: Thu, 12 Oct 2017 23:04:25 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   132
Md5:    0f4b06c33158deb0088db46784aceed3
Sha1:   8b3d882265047510573936f6c6843ec2aa7b5149
Sha256: ee502534f8f1e7c3918cc13ca51ba9f9b78aceb6c2cd32acf9fa0dc3adcb7541
                                        
                                            GET /js/commonJs.js HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 704
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Thu, 21 Sep 2017 16:10:41 GMT
Etag: "61e-559b5557cd176-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   704
Md5:    1a81707a526d4a050c65b4d5ba1bf1dc
Sha1:   d2996e62c46c532e9b9c9ab020c7d045051cb2ff
Sha256: f9131308c5d188f7caf1bbe0f7dbcb0a3ac215ee84818555a669135ac15dfb9e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /fonts/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/css.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 21028
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:27:47 GMT
Etag: "5224-555617c30063a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   21028
Md5:    72862e7cf19603ad24f26baf86dd0e08
Sha1:   4bd3f3f26f7a8eb357a09da8636390a28a21f826
Sha256: 16c11e59500457a4d210e5584e57cdce82015483c1199119b562120e6510a67a

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /fonts/ah9xtUy9wLQ3qnWa2p-piXhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/css.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:25 GMT
Content-Length: 23100
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:27:35 GMT
Etag: "5a3c-555617b84175a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   23100
Md5:    95342748e5b408240b0cace35526840b
Sha1:   1d191a723ba179efba577bb40efbbe44f3bfdd8e
Sha256: 73a6c17ff4c88d7fe7298f81d58e56c7ef9ec39de89b85b8ca552816715bc992

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /r/collect?t=dc&aip=1&_r=3&v=1&_v=j64&tid=UA-98871266-10&cid=612033094.1507849465&jid=1594174363&gjid=1035260057&_gid=851829805.1507849465&_u=IGBAgMQ~&z=1565278003 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         173.194.220.155
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Thu, 12 Oct 2017 23:04:26 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /yts/cssbin/www-player-vflITOHz1.css HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/ljmlZnay8d4?autoplay=1&controls=0&disablekb=0&loop=1&modestbranding=0&rel=0&showinfo=0&playlist=ljmlZnay8d4
Cookie: VISITOR_INFO1_LIVE=VITHrUll1Pw; YSC=2lKmLgfN9j0; PREF=f1=50000000

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 45058
Date: Tue, 10 Oct 2017 01:17:25 GMT
Expires: Wed, 10 Oct 2018 01:17:25 GMT
Last-Modified: Mon, 09 Oct 2017 23:44:45 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 251221
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   45058
Md5:    8eb5b34ffe71b36386a23250a8b38ce5
Sha1:   874284afa9735f95aa5bcf0b41c1bbf81883ee85
Sha256: 0aa932821f3f2d2f8bdb52d98b924eec3923aeda4ea735d59b56bdb06fcc0395
                                        
                                            GET /yts/jsbin/www-embed-player-vflWYCwde/www-embed-player.js HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/ljmlZnay8d4?autoplay=1&controls=0&disablekb=0&loop=1&modestbranding=0&rel=0&showinfo=0&playlist=ljmlZnay8d4
Cookie: VISITOR_INFO1_LIVE=VITHrUll1Pw; YSC=2lKmLgfN9j0; PREF=f1=50000000

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 31835
Date: Thu, 12 Oct 2017 18:15:26 GMT
Expires: Fri, 20 Oct 2017 18:15:26 GMT
Last-Modified: Thu, 12 Oct 2017 10:55:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 17340
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   31835
Md5:    804bd76b540bd6eac8cea253e363a286
Sha1:   fbb2fdd65ea698d8b0eb94d8af5cc25e11e56010
Sha256: 4d97e45b6696a722a63f435ea9354b67907a9e2df40b140ed9103f38c69d7426
                                        
                                            GET /js/getdetector.js HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:26 GMT
Content-Length: 173
Connection: keep-alive
Vary: Host,Accept-Encoding
Last-Modified: Fri, 28 Jul 2017 14:28:29 GMT
Etag: "e0-555617eb1dbea-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   173
Md5:    1d908a9cf6daa0088e56a08486349da6
Sha1:   78d458e960fcb015bf89b90f53a5075109581594
Sha256: c342ba30119646967e4f36b0fb99e6bb5bc61288dded75482602a325b2328de9

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/fr.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:26 GMT
Content-Length: 1139
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:12 GMT
Etag: "473-555617db08a0a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 30 x 20, 8-bit colormap, non-interlaced
Size:   1139
Md5:    099e5201af58eb3d27733134d9f28c18
Sha1:   5eaa95b37bd766e864f34bf7f3c3c11da2ced38d
Sha256: 8f9652cbd4b087c7c6ac6d72db19071f1064ed66490c87ca16a939f86085bf53
                                        
                                            GET /images/click_proof.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:26 GMT
Content-Length: 2017
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:08 GMT
Etag: "7e1-555617d72f4af"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 290 x 50, 8-bit colormap, non-interlaced
Size:   2017
Md5:    3b7b6c785c77c8285ad7159f2cd4417b
Sha1:   4c818e18431fa10ac9f42e72c6a65a192c0c49b4
Sha256: 773d0652e6f3cae8e66e87747c9aa968c14bcfa44769400bf411be8eefa7d23b
                                        
                                            GET /images/alberto.jpg HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:26 GMT
Content-Length: 15166
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:02 GMT
Etag: "3b3e-555617d1fd3cd"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   15166
Md5:    bd6b06ecdf3192eefb163d56d6e61628
Sha1:   1cbea969d8b4d7e7137e41b6601302a9270745f4
Sha256: 5123f7f5bac2f00b9ab500410bf93327ca9587b7b988ecd741e76f91e52d933b
                                        
                                            GET /images/es.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:26 GMT
Content-Length: 1027
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:09 GMT
Etag: "403-555617d7eaca2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 30 x 20, 8-bit colormap, non-interlaced
Size:   1027
Md5:    ec751faaf38edf4972e40821cb9e8af0
Sha1:   f28afce0755cf47004a47c62a0fad288c637bfa0
Sha256: 74c170d9ffd9c79b972522538efc710a4587d7b407940351a6cd0b8771326c44
                                        
                                            GET /images/lauren.jpg HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:26 GMT
Content-Length: 17736
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:13 GMT
Etag: "4548-555617dc57953"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   17736
Md5:    b86eb0be049ee3c5b084f3121428ef85
Sha1:   33232e4a09e96777be660df8bb0a076f9417b5c9
Sha256: 0245a7c02eceb48b11f3132723d38e5b197841989c78a884f975ebec3c1d29de
                                        
                                            GET /yts/jsbin/player-vflwcUIMe/en_US/base.js HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/ljmlZnay8d4?autoplay=1&controls=0&disablekb=0&loop=1&modestbranding=0&rel=0&showinfo=0&playlist=ljmlZnay8d4
Cookie: VISITOR_INFO1_LIVE=VITHrUll1Pw; YSC=2lKmLgfN9j0; PREF=f1=50000000

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 429306
Date: Wed, 11 Oct 2017 23:03:18 GMT
Expires: Thu, 19 Oct 2017 23:03:18 GMT
Last-Modified: Wed, 11 Oct 2017 08:17:20 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 86468
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   429306
Md5:    3471ec883431a5620ea506a6c07eea92
Sha1:   4729f83fbea27c289bd43043fe053ba7a59d2974
Sha256: 0e3fe033611a5cc3c947b76fa9d58da773df13a10f2e35f1aaa014abd6b669eb
                                        
                                            GET /images/za.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 1997
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:24 GMT
Etag: "7cd-555617e6b2e79"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 30 x 20, 8-bit colormap, non-interlaced
Size:   1997
Md5:    3f872aaabf270a82bdcad1c320ef8e19
Sha1:   1902d0f502afefab7747d3d63be8f67fe059c0d7
Sha256: 12452dc48a4e2ae113b5f7dc311efaac411e1a6d5296b2d007213321f25ccbef
                                        
                                            GET /s/roboto/v16/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/ljmlZnay8d4?autoplay=1&controls=0&disablekb=0&loop=1&modestbranding=0&rel=0&showinfo=0&playlist=ljmlZnay8d4
Origin: https://www.youtube.com

                                         
                                         172.217.22.163
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18904
Date: Thu, 12 Oct 2017 18:15:34 GMT
Expires: Fri, 12 Oct 2018 18:15:34 GMT
Last-Modified: Mon, 17 Apr 2017 21:22:19 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 17332
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   18904
Md5:    a9fc51fd0214c75ee5953dda0f2a06a6
Sha1:   7a4ddb6733c33dfe9ec94c82a5e7f5da885f5182
Sha256: 8740f04a97202a2483d54a5781598c30cceac029a1522b6c5dd270250b9d1a17
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0
Cookie: yandexuid=8160580731507849465; yp=1823209465.yrts.1507849465; yabs-sid=444181611507849465; i=sE36b4VoAly2aC8mhvrnBs0atzgEzH8mJI6Z08JK//e4UUaE3YIEV+iq6ly87Y9SedQMYqofK32kDdnq9UF0y5yu900=

                                         
                                         87.250.250.119
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.8.1
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Expires: Thu, 05 Sep 2047 23:04:27 GMT
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /images/michael.jpg HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 14777
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:16 GMT
Etag: "39b9-555617debfc88"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   14777
Md5:    c56d5838cba3bbfec4dda484a00af0de
Sha1:   e9aea140947635c859aded351937878a2914ea08
Sha256: 6436abffeed0748cbbb4cfa32a8302b372be024e72bc1a2db2d5c2dcf1772c1f
                                        
                                            GET /images/us.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 1722
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:23 GMT
Etag: "6ba-555617e5f66e6"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 30 x 20, 8-bit colormap, non-interlaced
Size:   1722
Md5:    84409b73f528c7acdbd55ba81ebd22c4
Sha1:   5e275c756af58f84327228e4db2f25a9e083888a
Sha256: 8c0f214e09e38183553ae4057a7ebc483f67f080f8245c93d74dfdc987579435
                                        
                                            GET /images/malinda.jpg HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 18404
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:16 GMT
Etag: "47e4-555617de91e2b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   18404
Md5:    2ff04fd21050645dacc7c672b662574b
Sha1:   97ee2b548ebf5234896a51f5ec63bf02cd583d7a
Sha256: ce0adf90e4e6be0d105d77464bd3575b4c81c5468c803a84860a06369e4b18dc
                                        
                                            GET /images/alert_small_red.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 1460
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:03 GMT
Etag: "5b4-555617d2bba9f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   1460
Md5:    95ea128249fd3386001bc99f75ca99e5
Sha1:   a6505d1ed55639324447a512a26e0cf572e6f430
Sha256: a2fca42ad4b81429244d13cc0e486c873065ad9ad139f5a08a2bc2ece382cb05
                                        
                                            GET /images/no_cc_black.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:28 GMT
Content-Length: 10732
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:18 GMT
Etag: "29ec-555617e0cc303"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 380 x 45, 8-bit/color RGB, non-interlaced
Size:   10732
Md5:    b65bb7f704fa9d052da54ce79ad92bd2
Sha1:   878df747f9a4c2a9ebd00fbc55d5378cec7cfebf
Sha256: 7d7365593ea4e3a4d1fbc82f748ab4bc082e10ae9de15a943c8250ffba362e31
                                        
                                            GET /images/badges_gray.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 23541
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:06 GMT
Etag: "5bf5-555617d4f3098"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 575 x 90, 8-bit/color RGBA, non-interlaced
Size:   23541
Md5:    c1b6b0a1c1a08eb7fe223b0a2dab4dc3
Sha1:   102f4b880f6e1598b3281e662a189aedbb2bf62f
Sha256: e2bcff1cfec4222febd19ba1e1be9753e8d6bfa01c35a0c25da45a38d60208b9
                                        
                                            GET /images/james.jpg HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 74156
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:13 GMT
Etag: "121ac-555617dbc70dd"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   74156
Md5:    516dc9c6ba01f503c9c421b0be23ee87
Sha1:   5e96e6686e38b2a6f79ef5e47d66447bd73f55a4
Sha256: 65b906950b1ef128896492e3491508e0673d1efc73b3ce89f2cf146e7a718645
                                        
                                            GET /images/stamp.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:27 GMT
Content-Length: 24210
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:21 GMT
Etag: "5e92-555617e3c102e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 225 x 225, 8-bit/color RGBA, non-interlaced
Size:   24210
Md5:    f4a8076b25cb70347377d0ee3c7c42e1
Sha1:   bb72c4f94eed1b8da1c0e2e51568bf81e004ecd9
Sha256: 428d0d9819d8c542fc93348fcb0a84d90b02154d6fc960127c2838711a149a83
                                        
                                            GET /images/logo_small.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:28 GMT
Content-Length: 6954
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:15 GMT
Etag: "1b2a-555617de02555"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 160 x 36, 8-bit/color RGBA, non-interlaced
Size:   6954
Md5:    0d8fa6a65b5fe7507c7e56fb99da74c9
Sha1:   62831060321424a93301be7b4d0a0221d66186a4
Sha256: 2b169f43bfad474efb1ac878843b45f60f86533f8809bf1b146bb72d2cab4455
                                        
                                            GET /images/star.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/main.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:28 GMT
Content-Length: 1331
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:21 GMT
Etag: "533-555617e3e718b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 24 x 24, 8-bit/color RGBA, non-interlaced
Size:   1331
Md5:    e3de6efde2c4e686eedfbd75dfbd1d2a
Sha1:   7a4edb375a10cabb9cfec2ed84d35d00fe810e0c
Sha256: aecdbe78344978207cff6e193576563a15fec624fc55e4babc17eb94a7140c82
                                        
                                            GET /images/flip.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/main.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:29 GMT
Content-Length: 18517
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:12 GMT
Etag: "4855-555617dadbb4d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 210 x 35, 8-bit/color RGBA, non-interlaced
Size:   18517
Md5:    5761ee6e0f80999680b55fb75f813ab5
Sha1:   d26b9356748abedd30d71aa89c9bd9acea03a4ae
Sha256: 008cb4a44e35d2f485aff783caaa3149ae3ea8827c01b0e825df8407fbba9c03
                                        
                                            GET /images/bg.png HTTP/1.1 
Host: www.30dagersendring.vip.advertproff.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/css/main.css

                                         
                                         47.88.59.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 12 Oct 2017 23:04:28 GMT
Content-Length: 147635
Connection: keep-alive
Vary: Host
Last-Modified: Fri, 28 Jul 2017 14:28:06 GMT
Etag: "240b3-555617d5b270a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 1920 x 846, 8-bit/color RGB, non-interlaced
Size:   147635
Md5:    11570ad13c648b3d35cfc17339ffb274
Sha1:   3d74a6cc7d53c9e06dfcc8376bd1fb4590a4894c
Sha256: e9e01135ec692e22848e2e10a406c244aec52bcb908dbe5e1c2596c3e049843d
                                        
                                            GET /j/roundtrip.js HTTP/1.1 
Host: a.adroll.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0

                                         
                                         195.159.219.9
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: QSA5r6cF5lxAEDe8vAil7fvng4Ezx9VnWlnLzJDkJI83cN963ICWDrhMzZjpYUwd2GgoW4AiGOU=
x-amz-request-id: 1834009ACE1B06A0
Last-Modified: Thu, 12 Oct 2017 22:23:12 GMT
Etag: "8175dd78fc145b7d1ecf50ffcd1fe6fd"
Cache-Control: max-age=300, must-revalidate
x-amz-version-id: 8yFv9xgSzAi31ncUZOrpLpuzR1kmF6KS
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 12 Oct 2017 23:04:30 GMT
Content-Length: 8975
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   8975
Md5:    26d525cf699fa1a8d8a2b9a63a4500c5
Sha1:   a378bbe90c6589608066f77f10f839fb0a860b6a
Sha256: b2edae5b35716a522ea6f9e5c441a575f68a1979ad48d53ebc2cb1b0fc589c14
                                        
                                            OPTIONS /watch/45611652?page-url=http%3A%2F%2Fwww.30dagersendring.vip.advertproff.com%2F%3Fsession%3D58352713b3114a2eb42341aba9de4657%26aff_id%3D149%26l%3D0%26pl%3D0&browser-info=ti%3A7%3Aj%3A1%3As%3A1176x885x24%3Aadb%3A2%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1159x754%3Az%3A120%3Ai%3A20171013010440%3Aet%3A1507849481%3Aen%3Autf-8%3Av%3A897%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A405%3Als%3A668764196036%3Arqn%3A2%3Arn%3A483136029%3Ahid%3A597106273%3Arqnl%3A1%3Ast%3A1507849481%3Au%3A1507849466656813080 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: http://www.30dagersendring.vip.advertproff.com
Access-Control-Request-Method: POST

                                         
                                         87.250.250.119
HTTP/1.1 200 OK
                                        
Server: nginx/1.8.1
Date: Thu, 12 Oct 2017 23:04:41 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
X-XSS-Protection: 1; mode=block


--- Additional Info ---
                                        
                                            GET /watch/45611652?page-url=http%3A%2F%2Fwww.30dagersendring.vip.advertproff.com%2F%3Fsession%3D58352713b3114a2eb42341aba9de4657%26aff_id%3D149%26l%3D0%26pl%3D0&browser-info=ti%3A4%3Aj%3A1%3As%3A1176x885x24%3Aadb%3A2%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1159x754%3Az%3A120%3Ai%3A20171013010440%3Aet%3A1507849481%3Aen%3Autf-8%3Av%3A897%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A405%3Als%3A668764196036%3Arqn%3A2%3Arn%3A483136029%3Ahid%3A597106273%3Arqnl%3A1%3Ast%3A1507849481%3Au%3A1507849466656813080 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.30dagersendring.vip.advertproff.com/?session=58352713b3114a2eb42341aba9de4657&aff_id=149&l=0&pl=0
Cookie: yandexuid=8160580731507849465; yp=1823209465.yrts.1507849465; yabs-sid=444181611507849465; i=sE36b4VoAly2aC8mhvrnBs0atzgEzH8mJI6Z08JK//e4UUaE3YIEV+iq6ly87Y9SedQMYqofK32kDdnq9UF0y5yu900=

                                         
                                         87.250.250.119
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.8.1
Date: Thu, 12 Oct 2017 23:04:41 GMT
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Thu, 12 Oct 2017 23:04:41 GMT
Expires: Thu, 12 Oct 2017 23:04:41 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87