Overview

URL compreviews.net/
IP160.153.93.105
ASNAS26496 GoDaddy.com, LLC
Location United States
Report completed2018-03-14 06:07:20 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-03-14 2 blowredinn.com/click/D4foUI?sub1=8044-12197-0-6bc78354120869aa68ef77ec7e4595df1 Phishing
2018-03-14 2 click.mylink-today.com/proc.php?78499ad88f2ba55425e786da82eab0dde800910f Malware
2018-03-14 2 click.mylink-today.com/proc.php?686402648c4eac4ec7aa77d8c03ebc54857decb2 Malware
2018-03-14 2 click.mylink-today.com/proc.php?57102a0b85de86e478a0a04ba8ef598cfe8a63bc Malware
2018-03-14 2 click.mylink-today.com/proc.php?08dc67d00073c35adb8046864aa67837dbf65a7b Malware
2018-03-14 2 click.mylink-today.com/proc.php?4648dd98c7efaa8535968bc3fde8d67d0c6184d8 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 1 reports on IP: 160.153.93.105

Date UQ / IDS / BL URL IP
2018-01-21 00:22:05 +0100
2 - 0 - 1 compreviews.net/ 160.153.93.105

Last 10 reports on ASN: AS26496 GoDaddy.com, LLC

Date UQ / IDS / BL URL IP
2018-09-26 07:44:17 +0200
0 - 0 - 13 saborzuliano.com/index.php/images/templates/i (...) 184.168.58.1
2018-09-26 07:40:59 +0200
0 - 0 - 1 hitsuinfotech.com/counter/?id=555C505E1D10140 (...) 182.50.151.35
2018-09-26 07:40:58 +0200
0 - 0 - 1 hitsuinfotech.com/counter/?id=555C505E1717101 (...) 182.50.151.35
2018-09-26 07:39:14 +0200
0 - 0 - 1 wallstreetallstars.com/flirting-with-ytd-losses 184.168.191.1
2018-09-26 07:38:24 +0200
0 - 0 - 14 saborzuliano.com/index.php/images/templates/i (...) 184.168.58.1
2018-09-26 07:35:59 +0200
0 - 2 - 1 www.kvkkalikiri-angrau.org/administrator/comp (...) 203.124.119.1
2018-09-26 07:32:45 +0200
0 - 0 - 3 www.tinarayna.ca/blog/tag/fishing/ 50.63.202.95
2018-09-26 07:29:26 +0200
0 - 0 - 2 install.multinstaller.com/3?wmid=wbsm_334_sftport 68.178.213.61
2018-09-26 07:27:08 +0200
0 - 0 - 5 mma.us/tag/owen-thomas/ 184.168.189.150
2018-09-26 07:24:17 +0200
0 - 0 - 33 class.tax/tax-forms/lost-password 107.180.28.183

Last 2 reports on domain: compreviews.net

Date UQ / IDS / BL URL IP
2018-01-21 00:22:05 +0100
2 - 0 - 1 compreviews.net/ 160.153.93.105
2017-11-20 02:02:39 +0100
0 - 0 - 3 compreviews.net/ 160.153.50.132


JavaScript

Executed Scripts (64)


Executed Evals (2)

#1 JavaScript::Eval (size: 5258, repeated: 1) - SHA256: 847f6a895681edae9f59251c842a9184de97150e61648bfc22fff5bf6b869622

                                        function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

                                        var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (4)

#1 JavaScript::Write (size: 261, repeated: 1) - SHA256: 6925aca4e49c3933c502f0cf291d6a2519b974de7485941df7dd2e8cc990674f

                                        < iframe id = "bsIframebxnqo9mu62373287427533688"
style = "undefined"
src = "//cdn.bannersnack.com/banners/bxnqo9mu6/embed/index.html?t=1516886594&userId=33997741"
width = "728"
height = "90"
frameborder = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen > < /iframe>
                                    

#2 JavaScript::Write (size: 173, repeated: 1) - SHA256: 09bf6a8deab368f85dcd63d371777e0aea6150d70e5609ccb52ddcb0a8608469

                                        < img src = "serve/ptp.php?var1=6432&var2=http%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D6432&var3=acffccecfd&var4=1521004322"
width = "0"
height = "0"
style = "width: 0px; height: 0px;" >
                                    

#3 JavaScript::Write (size: 152, repeated: 1) - SHA256: f74867d977bc35ee55a6ee94b51697d7b268cb1960423c323f7d908876e1286a

                                        < script src = "https://static-assets.strikinglycdn.com/jquery-8098bd3eea9a8d9d5db1d6947945e4485aa8d691b06d3668d447faba778b8244.js"
defer = "defer" > < /script>
                                    

#4 JavaScript::Write (size: 111, repeated: 1) - SHA256: 31ed850ed2576dc1ccf76885e16566cdb4aa4b647a2812905ec39e5ea0542713

                                        < style id = "hide-section-contents-style" >
    .s - section.container {
        visibility: hidden;
    } < /style>
                                    


HTTP Transactions (156)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         160.153.93.105
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 14 Mar 2018 05:13:13 GMT
Server: Apache
Location: http://www.compreviews.net/
Content-Length: 235
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   235
Md5:    e789e691f5a980640523a62d6dc2cd4e
Sha1:   0e504cbaa63a1c238c0bf905b3ac7619369228ff
Sha256: b3a8ef9952f1122747368e94c2de1c4e75b7edc97c33e1b160dfeb042f4f4123
                                        
                                            GET / HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 14 Mar 2018 05:13:13 GMT
Server: Apache
Last-Modified: Fri, 05 Jan 2018 21:44:09 GMT
Etag: "20011a-28da-5620e593cbc33-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2823
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2823
Md5:    3075bc0ab3cb93a15a289d90639220eb
Sha1:   5b1b1718dc8306c5a833d804236e0fcefc7050eb
Sha256: 75c60ec156c04420b02509f6ce6f6fc88b569d1078c6a13018c9741af4713c00
                                        
                                            GET /css?family=Roboto+Condensed HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Wed, 14 Mar 2018 05:13:13 GMT
Date: Wed, 14 Mar 2018 05:13:13 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   211
Md5:    cee56de4d70959bb1d9c0a97acd713b5
Sha1:   ff5b500046e68c92cf7ed7f2fef299bfddf9ead8
Sha256: 5ac7917e86b53b2a708e4dc85f935dc465ca66b455b8b436fa4d9082c0f5e8fd
                                        
                                            GET /css?family=Pathway+Gothic+One HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Wed, 14 Mar 2018 05:13:13 GMT
Date: Wed, 14 Mar 2018 05:13:13 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   228
Md5:    39fd5c056750b6507ab5ffb9e5ca3366
Sha1:   70467a0c56faccefa860c463807bc216841756c9
Sha256: 49edb16f28700b0ec98068e9ef955c6a5eba6fd71eb8530d21e6da17cbab01cc
                                        
                                            GET /style.css HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 14 Mar 2018 05:13:13 GMT
Server: Apache
Last-Modified: Fri, 20 Jun 2014 18:15:20 GMT
Etag: "200126-1e37-4fc4879e8fe00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1546
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1546
Md5:    bf1f31c063f88b6d2e3b19e7d873100e
Sha1:   31f9701071390fe1acec472ea7caa527e2db3b86
Sha256: 236b898f7888754a2726683fe03b53345b82c600915adcb7e8c94caa58ee0732
                                        
                                            GET /images/comprevs_09.png HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Fri, 20 Jun 2014 18:15:08 GMT
Etag: "2000fd-ad-4fc487931e300"
Accept-Ranges: bytes
Content-Length: 173
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 173 x 4, 8-bit/color RGBA, interlaced
Size:   173
Md5:    53c9febf0b93960378773e16af9d3c0e
Sha1:   9304a297cccf43bf5f09e609196f83a931d9137f
Sha256: 3c02d12d16876d43acae8f04d37af08b44621bdd39c94b5da1e2c2a42aec88ca
                                        
                                            GET /s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7Cw.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed
Origin: http://www.compreviews.net

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19716
Date: Tue, 27 Feb 2018 15:15:26 GMT
Expires: Wed, 27 Feb 2019 15:15:26 GMT
Last-Modified: Wed, 11 Oct 2017 18:25:04 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1259868


--- Additional Info ---
Magic:  data
Size:   19716
Md5:    6da41a0de9bcf1627a01686cb1cd0d31
Sha1:   23d89b2609f314167ce3f29232b9881a8986c106
Sha256: 7f13afb794a79e345e954c28ee5fa5def27c084819335540e0d87eafc271d2d3
                                        
                                            GET /ifr.js HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Wed, 10 Jan 2018 15:30:42 GMT
Etag: "200116-47f-5626db6e55381-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 545
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   545
Md5:    d99ec34720ea4316ae3bca4e17621701
Sha1:   ee6f7e23db70a3bf7747405335886595719b20e8
Sha256: 3bb9b541b1672db52e7a83126be28c7af8f08da1edcc7dbd286d196e30c37bbf
                                        
                                            GET /images/Think.png HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Tue, 07 Mar 2017 06:15:02 GMT
Etag: "200106-86dd-54a1deea74580"
Accept-Ranges: bytes
Content-Length: 34525
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 728 x 90, 8-bit/color RGB, non-interlaced
Size:   34525
Md5:    d4bf0d85db331350bc7d897b918ae8f6
Sha1:   ca9fac23a6030b66d868ce1af71a04e4217f5abe
Sha256: 430b8f11bbce5ecec47cf076da5efd47bf7cdbc8e3406aa6555bd6cfdbb4ffb2
                                        
                                            GET /images/comprevs_07.png HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Fri, 20 Jun 2014 18:15:08 GMT
Etag: "2000fc-a6d-4fc487931e300"
Accept-Ranges: bytes
Content-Length: 2669
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 205 x 283, 8-bit/color RGBA, interlaced
Size:   2669
Md5:    3a3e89eaf8a4726e2a065acaabbae5d9
Sha1:   13723a669754264058e42496ed341ac14763bd24
Sha256: 2988a6bd32c6de686aa7908cff1bf9c03812a66f233b24c89e58b0957d97942f
                                        
                                            GET /images/comprevs_01.jpg HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Fri, 20 Jun 2014 18:15:06 GMT
Etag: "2000fb-27e-4fc4879135e80"
Accept-Ranges: bytes
Content-Length: 638
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   638
Md5:    b095b4cac9fde23d11cd41621679e480
Sha1:   b802cc34a71c8cb84ace91bf99bfc5643d9ef471
Sha256: 32004215c5943c56ae8a9a04abe7f548f603e94e1ffa82a09070fdf9bf218b2b
                                        
                                            GET /images/Sap.png HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Tue, 07 Mar 2017 06:15:34 GMT
Etag: "200102-1e056-54a1df08f8d80"
Accept-Ranges: bytes
Content-Length: 122966
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 159 x 600, 8-bit/color RGB, non-interlaced
Size:   122966
Md5:    fdf25fa8941345cdd675f09a2700ca87
Sha1:   fdde4d63dbf40813828b7c598438c22a9cfa5c1a
Sha256: f5459559ac3d5d227e5523fd36eb4a75890b9f7f8b9bc41c0286281bb3f04bcb
                                        
                                            GET /images/divider.png HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Fri, 20 Jun 2014 18:15:08 GMT
Etag: "2000ff-9e-4fc487931e300"
Accept-Ranges: bytes
Content-Length: 158
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 16 x 6, 8-bit/color RGBA, interlaced
Size:   158
Md5:    7bd2553c1e163e56c5f9fe9156bebdc1
Sha1:   f58c8244e9025c7170d8509d03339b6ffccf0341
Sha256: 466d517e2c8991acd59c6d75c525ff94dcb1268a71db6f5d4e9d320307f3c738
                                        
                                            GET /images/Cell.png HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:14 GMT
Server: Apache
Last-Modified: Mon, 06 Mar 2017 09:06:12 GMT
Etag: "2000fa-20177-54a0c34f3a900"
Accept-Ranges: bytes
Content-Length: 131447
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 299 x 250, 8-bit/color RGB, non-interlaced
Size:   131447
Md5:    14864804a1c961a258c1bc9922db81da
Sha1:   1910ab9071abfed806ba92292b218967a7ef45af
Sha256: 9f44a9c712530468b83b0f295bf1d2850eff9de72661a717fe316c1865a5c087
                                        
                                            GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 
Host: fpdownload2.macromedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.135.34.8
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Server: Apache
Last-Modified: Tue, 13 Mar 2018 08:56:22 GMT
Etag: "60e-567476ec57ca0"
Accept-Ranges: bytes
Content-Length: 1550
Date: Wed, 14 Mar 2018 05:13:15 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  XML document text\012 XML document text
Size:   1550
Md5:    0e5953bcf211832e918aeedb93407613
Sha1:   17af5374e77c99238e75c56e592fe7b62d717449
Sha256: 2f7a8c0ee14c26e1a08a76b92452880227b72dc7b82c626771649713b21160b7
                                        
                                            GET /cpv.php?username=mkrichten HTTP/1.1 
Host: www.cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         199.119.78.55
HTTP/1.1 200 OK
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Set-Cookie: PHPSESSID=ant9dev8fipref1b32967lps91; expires=Wed, 14-Mar-2018 05:14:15 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 673
Date: Wed, 14 Mar 2018 05:13:15 GMT
Server: Web Services


--- Additional Info ---
Magic:  HTML document text
Size:   673
Md5:    f936b3f0822268ac9849f2831d495460
Sha1:   c8e009462c373f180540a8fb8f4c97fb20b3a0e2
Sha256: 1e1353cb2fa0c53e107cec1158eff1ee4b7b6370efe790b33717553638c97eae
                                        
                                            GET /cpv.php?sc=ant9dev8fipref1b32967lps91&ssname=1521004395115686 HTTP/1.1 
Host: www.cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/cpv.php?username=mkrichten
Cookie: PHPSESSID=ant9dev8fipref1b32967lps91

                                         
                                         199.119.78.55
HTTP/1.1 200 OK
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Set-Cookie: PHPSESSID=ant9dev8fipref1b32967lps91; expires=Wed, 14-Mar-2018 05:14:15 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 1764
Date: Wed, 14 Mar 2018 05:13:15 GMT
Server: Web Services


--- Additional Info ---
Magic:  HTML document text
Size:   1764
Md5:    540545a2bca24aba38cff2b8df03124b
Sha1:   11475c06644526355d755670e2ec8394652a9c2b
Sha256: 18a161f26ce1583a5c1104b2a8cce5aa3a5d580f1abcecad20539ce36174a83c
                                        
                                            GET /search.php?username=mkrichten&query=e-cards HTTP/1.1 
Host: www.cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/cpv.php?username=mkrichten
Cookie: PHPSESSID=ant9dev8fipref1b32967lps91

                                         
                                         199.119.78.55
HTTP/1.1 200 OK
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Content-Length: 1477
Date: Wed, 14 Mar 2018 05:13:16 GMT
Server: Web Services


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1477
Md5:    b93bce96154716a39be9638e7762cb6a
Sha1:   1ca77c57d93868b19924cf1846c94717a14506bf
Sha256: 32a82da6957024eb34ca16c25a0abca274a2a303013a5e7419406f8d3b20d5af
                                        
                                            GET /images/header.swf HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         160.153.93.105
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
                                        
Date: Wed, 14 Mar 2018 05:13:15 GMT
Server: Apache
Last-Modified: Fri, 20 Jun 2014 18:15:14 GMT
Etag: "200101-232ff-4fc48798d7080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   144170
Md5:    5244e77c4351eabd10ca6200129bd7cf
Sha1:   f96c7f039773882bbdd84e4ce96e0d331775fd6a
Sha256: 874677ff020c09104f96f3cbff0600f387250d9b2cc3fd3d1b2b855f5ea15819
                                        
                                            GET /afu.php?zoneid=1016295 HTTP/1.1 
Host: pttsite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         109.206.175.81
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2770
Md5:    2004c2de19fffde9ebe7efafd07dc380
Sha1:   a76431ea9443959b4d1885e5b6a9aa7d7d027eaf
Sha256: 710b73795774990fef498fb1b6f58d150fe6c6de9495153c327e55499b751102
                                        
                                            GET /d.php?id=11677&client=pub-4976 HTTP/1.1 
Host: clickpapa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         104.27.185.140
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df973f4e91f9091622babb0e4eed8cefc1521004396; expires=Thu, 14-Mar-19 05:13:16 GMT; path=/; domain=.clickpapa.com; HttpOnly ClickPapa11677Data1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.clickpapa.com cp_ca=3f44662ac585eda79a6792edd3b84e32; expires=Wed, 14-Mar-2018 05:43:16 GMT; Max-Age=1800 cp_ca=3f44662ac585eda79a6792edd3b84e32; expires=Wed, 14-Mar-2018 05:43:16 GMT; Max-Age=1800 cp_ca=3f44662ac585eda79a6792edd3b84e32; expires=Wed, 14-Mar-2018 05:43:16 GMT; Max-Age=1800
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30-1~dotdeb+7.1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Server: cloudflare
CF-RAY: 3fb44004579c426d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   720
Md5:    49abc28dabb751f96e17b10aef2a41c8
Sha1:   819259bb16daf96903675cd22ebf41d908f8b9cc
Sha256: 912357ea3db54e8e19061633b80e94faf3c812030b388a0fc9b3c0933d49bdd7
                                        
                                            GET /1px.png HTTP/1.1 
Host: clickpapa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clickpapa.com/d.php?id=11677&client=pub-4976
Cookie: __cfduid=df973f4e91f9091622babb0e4eed8cefc1521004396; cp_ca=3f44662ac585eda79a6792edd3b84e32

                                         
                                         104.27.185.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 141
Connection: keep-alive
Last-Modified: Wed, 25 Nov 2015 12:19:50 GMT
Etag: "5655a766-8d"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 14 Mar 2018 09:13:16 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3fb4400597c2426d-OSL


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit colormap, non-interlaced
Size:   141
Md5:    e253f0fdd6f773c06c22575c5c2e293b
Sha1:   1794a7e8186b5eda2611e62464bb27cf57e3f2e4
Sha256: 7546a55054942e0d0b2b40d1a05ca25cd40229297e2411c282f7432eb9f61141
                                        
                                            GET /serve/show.php?a=14167&b=728x90 HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; expires=Thu, 14-Mar-19 05:13:16 GMT; path=/; domain=.mediacpm.pl; HttpOnly
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
Server: cloudflare
CF-RAY: 3fb44004516242b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1400
Md5:    3570e8c45f5503d014138ac14980c144
Sha1:   3844d4517b12ced9f5f28c37e18bd224690e045d
Sha256: fad0b46364d5803c9b6c7bac614163d2d9f623a511ea1473af63e7f841da5ff8
                                        
                                            GET /?zoneid=1016295&r=%2Fmb%2Fhan%2Fdl&nojs=0&x=500&y=500&t=0&ix=1&fs=1&timeout=0&var=&ymid=&pb=87788501c3acfade86b29edaefead6281521004696&pid= HTTP/1.1 
Host: pttsite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://pttsite.com/afu.php?zoneid=1016295

                                         
                                         109.206.175.81
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OACCAP=AAQZIgAAAAAAAAAB; Path=/; Expires=Fri, 13 Apr 2018 05:13:16 GMT OACBLOCK=AAQZIgAAAABaqK9s; Path=/; Expires=Fri, 13 Apr 2018 05:13:16 GMT OXCCLK=AAQZIgAAAAAAAAAB; Path=/; Expires=Thu, 15 Mar 2018 05:13:16 GMT OXPCLK=AABWmwAAAAAAAAAB; Path=/; Expires=Thu, 15 Mar 2018 05:13:16 GMT ppucnt=0; Path=/; Expires=Thu, 15 Mar 2018 05:13:16 GMT ppucnt=1; Path=/; Expires=Thu, 15 Mar 2018 05:13:16 GMT
Content-Encoding: gzip
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   342
Md5:    6b618d8ba8bcceee4b2512370f5ea21c
Sha1:   a18373d76cecaf709201420144cf268811120d78
Sha256: ab36c4a3510c9a0ce582352d30bd772ba1deadbaffcd27fa379807a265de551b
                                        
                                            GET /c.php?id=11677&campaign_id=9453&client=pub-4976&count=1&clickauth=8eaaa6a3db5b772beaa31b3229187c36&clickauth2=690548a8833a8024ae51e785e0bb6cca&pd=cpmbux.com&clicktrx=42d4f36e&iframe=1 HTTP/1.1 
Host: clickpapa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clickpapa.com/d.php?id=11677&client=pub-4976
Cookie: __cfduid=df973f4e91f9091622babb0e4eed8cefc1521004396; cp_ca=3f44662ac585eda79a6792edd3b84e32

                                         
                                         104.27.185.140
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30-1~dotdeb+7.1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ClickPapa4860Click=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.clickpapa.com ClickPapa4860Click=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.clickpapa.com
Location: https://www.soulcams.com/freechat/random.php?wmcode=clickp-REVS-pop
Server: cloudflare
CF-RAY: 3fb44005a7c3426d-OSL


--- Additional Info ---
                                        
                                            GET /adminads/banner/728x90/index.php HTTP/1.1 
Host: cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         199.119.78.55
HTTP/1.1 302 Found
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Location: http://cpmbux.com/adminads/banner/728x90/adsmodern.php
Content-Length: 0
Date: Wed, 14 Mar 2018 05:13:16 GMT
Server: Web Services


--- Additional Info ---
                                        
                                            GET /adminads/admaven/index.php HTTP/1.1 
Host: cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         199.119.78.55
HTTP/1.1 302 Found
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Location: http://phalata.info/redirect?tid=714694&ref=cpmbux.com&subid=5247&q=new+jersey+medical+malpractice+lawyer
Content-Length: 0
Date: Wed, 14 Mar 2018 05:13:16 GMT
Server: Web Services


--- Additional Info ---
                                        
                                            GET /adminads/vokut/index.php HTTP/1.1 
Host: cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         199.119.78.55
HTTP/1.1 302 Found
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Location: http://xml.vokut.com/redirect?feed=70827&auth=iA3eV4&query=best+business+voip+phone+system
Content-Length: 0
Date: Wed, 14 Mar 2018 05:13:16 GMT
Server: Web Services


--- Additional Info ---
                                        
                                            GET /adminads/vertoz/index.php HTTP/1.1 
Host: cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         199.119.78.55
HTTP/1.1 302 Found
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Location: http://search.vertoz.com/redirect?feed=99738&auth=KERSoL&query=austin+car+wreck+attorney
Content-Length: 0
Date: Wed, 14 Mar 2018 05:13:16 GMT
Server: Web Services


--- Additional Info ---
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90
If-Modified-Since: Fri, 03 Oct 2014 00:48:42 GMT

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Wed, 14 Mar 2018 03:16:04 GMT
Expires: Wed, 14 Mar 2018 05:16:04 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14597
Cache-Control: public, max-age=7200
Age: 7032


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14597
Md5:    6199bd5ef36ff16dd8c35a2abdb5991c
Sha1:   beb16561dd55ab5896b230c5a116a5d819e86b34
Sha256: a3d61ef9e80a01a794fd7c2769720f2fd0e15d0458236e8e0edd411560171879
                                        
                                            GET /banads/view.php?spaceid=3568056 HTTP/1.1 
Host: adspaces.ero-advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         185.70.212.101
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: close
P3P: CP="NOI DSP COR TAIa SAMa NOR"
Set-Cookie: uvid=e09c65d8b98f1c7e032ad282164b2a3a; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/; domain=.ero-advertising.com uvid=e09c65d8b98f1c7e032ad282164b2a3a; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/; domain=.eroadvertising.com
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Wed, 14 Mar 2018 05:13:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Pragma: no-cache
X-Backend-Server: nl1-web213-11
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1800
Md5:    c7b17962ce652c5ca3d546527ef3aace
Sha1:   a26af1dfd7647bedd79e1833ec12f568c0a04aa0
Sha256: 6d0192a6b75e9de75ef4c64a4430b0e8468d5d4d3aa80e4046646222d3724272
                                        
                                            GET /banads/view.php?spaceid=3607224 HTTP/1.1 
Host: adspaces.ero-advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         185.70.212.101
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: close
P3P: CP="NOI DSP COR TAIa SAMa NOR"
Set-Cookie: uvid=0d43c7728c995f408ce63ec7b7092e6d; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/; domain=.ero-advertising.com uvid=0d43c7728c995f408ce63ec7b7092e6d; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/; domain=.eroadvertising.com
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Wed, 14 Mar 2018 05:13:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Pragma: no-cache
X-Backend-Server: nl1-web213-58
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1895
Md5:    4c440968a322064961ef254d4515fd28
Sha1:   04e00624e119ae74c56320750f285dedbb0f15cb
Sha256: 345e594287b740d68b7383de19ce56a678471661e6662f8686d9bc954bbcb71b
                                        
                                            GET /datanew/bannerpools/106267/22153.jpg HTTP/1.1 
Host: data.eroadvertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adspaces.ero-advertising.com/banads/view.php?spaceid=3568056

                                         
                                         104.16.140.19
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 17494
Connection: keep-alive
Set-Cookie: __cfduid=dec39bbd50475bfe36c034b09daf5b6851521004396; expires=Thu, 14-Mar-19 05:13:16 GMT; path=/; domain=.eroadvertising.com; HttpOnly
Cache-Control: public, max-age=315360000
Cf-Bgj: imgq:85
Cf-Polished: origSize=17944
Etag: "5a71d66d-4618"
Expires: Sat, 11 Mar 2028 05:13:16 GMT
Last-Modified: Wed, 31 Jan 2018 14:45:01 GMT
X-Compressor: static174
CF-Cache-Status: HIT
Vary: Accept-Encoding
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3fb44007146a4273-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   17494
Md5:    3d422a4c775ce8a407bbff405e26c678
Sha1:   d422fa6c3331166ce7bb0ffa6666d86193335236
Sha256: 9e23584a9c5defdd39542fd3b1b7087438995a3fb83350735120381b5eb4927b
                                        
                                            GET /adminads/banner/728x90/adsmodern.php HTTP/1.1 
Host: cpmbux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         199.119.78.55
HTTP/1.1 200 OK
Content-Type: text/html
                                        
X-Powered-By: PHP/5.4.31
Content-Length: 528
Date: Wed, 14 Mar 2018 05:13:16 GMT
Server: Web Services


--- Additional Info ---
Magic:  HTML document text
Size:   528
Md5:    726b532669b9239e55b4a3942288db1c
Sha1:   0ebf1e01c4b18af54c908f948bee6861fee558de
Sha256: fffe1b6e624a8f357713327f34c15ac52b202b507fc1e98b562cc400c25ad3bc
                                        
                                            GET /imp/5005 HTTP/1.1 
Host: downloadgot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         188.42.139.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/7.0.20
Set-Cookie: GL_UI=eJw9jcFOg0AURQco0NqU5CZ8QD%2BBWgfYm%2FgLLskb5tGOAq8ZRqt%2FL7pwdxbn5Cil4nKP5IM0jrUdGtOTrfjpfNLtoB91Rbqpq55abs0JO7d0gczIYYPUeJrtAekklscDcuPlvrAvE2xmmhj5i%2FM8yNdq0Jt4ROeV3PxLNWJZyqTIsHt1s127Y1NsM1U8ZAr720hhED91zmYR0osny4iese0p8EX8N3LLy3uQGyCj7f79v218b5BZ%2FnQ9I5VwZf8DPZQ%2BYg%3D%3D; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ GL_GI=eJxjYGBgEuEUZMosEOQ1N9czMdAzNLIEYmNB5vTUfEEmP39BtqLU9Mz8PEEmA2NBbgg7Pjk%2FJVWQ1c9fFyjGkpxZUinI4l%2Bcky%2FICWJDZNmBsmAx5sziAkFup6L8xJS81BIFx2BBTiAdX1yQmpoiyOmcmJSTqu8S7CPIBxcFG8DGCACaDCp7; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   351
Md5:    ba9e366819861c793513eecec6b068a3
Sha1:   9a65c887eac4413fb74d4fcebb5517757c114443
Sha256: 0cde65d6e836372e8a6ac752ce9d891f647e673e0af0d3f870dcb515f6c7715d
                                        
                                            GET /imp/5011 HTTP/1.1 
Host: downloadgot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         188.42.139.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/7.0.20
Set-Cookie: GL_UI=eJw9jcFOg0AURQco0NqU5CZ8QD%2BBWgfYm%2FgLLskb5tGOAq8ZRqt%2FL7pwdxbn5Cil4nKP5IM0jrUdGtOTrfjpfNLtoB91Rbqpq55abs0JO7d0gczIYYPUeJrtAekklscDcuPlvrAvE2xmmhj5i%2FM8yNdq0Jt4ROeV3PxLNWJZyqTIsHt1s127Y1NsM1U8ZAr720hhED91zmYR0osny4iese0p8EX8N3LLy3uQGyCj7f79v218b5BZ%2FnQ9I5VwZf8DPZQ%2BYg%3D%3D; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ GL_GI=eJxjYGBgEuEUZMosEOQ1N9czMdAzNLIEYmNB5vTUfEEmP39BtqLU9Mz8PEEmA2NBbgg7Pjk%2FJVWQ1c9fFyjGkpxZUinI4l%2Bcky%2FICWJDZNmBsmAx5sziAkFup6L8xJS81BIFx2BBTiAdX1yQmpoiyOmcmJSTqu8S7CPIBxcFG8DGCACaDCp7; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   352
Md5:    13a06b2202899539f2bf70b78259574b
Sha1:   7442dfb1efa2ff29f6b0911e0af2413db6572c13
Sha256: 7c62a255caaa88d5f3510ccb643335207c6713f85a4c3c28b0d50340677dc39c
                                        
                                            GET /datanew/bannerpools/106267/22077.gif HTTP/1.1 
Host: data.eroadvertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adspaces.ero-advertising.com/banads/view.php?spaceid=3607224

                                         
                                         104.16.140.19
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 60200
Connection: keep-alive
Set-Cookie: __cfduid=d5bc2f9891c66f69451dd4a4494506f171521004396; expires=Thu, 14-Mar-19 05:13:16 GMT; path=/; domain=.eroadvertising.com; HttpOnly
Last-Modified: Wed, 31 Jan 2018 14:45:01 GMT
Etag: "5a71d66d-eb28"
Expires: Sat, 11 Mar 2028 05:13:16 GMT
Cache-Control: public, max-age=315360000
X-Compressor: static177
CF-Cache-Status: HIT
Vary: Accept-Encoding
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3fb44007146b4273-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 600
Size:   60200
Md5:    b25ec2f644146c7b1d6c5433ef54e100
Sha1:   367c4408694444ddb4201211f09c7ce4e45f3d33
Sha256: 1ccce119c2fa5c511c12745464ca1f9e530bc4a9b1eb4dfb33205aa01b580a52
                                        
                                            GET /afu.php?zoneid=1031012&var=1016295 HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://pttsite.com/?zoneid=1016295&r=%2Fmb%2Fhan%2Fdl&nojs=0&x=500&y=500&t=0&ix=1&fs=1&timeout=0&var=&ymid=&pb=87788501c3acfade86b29edaefead6281521004696&pid=

                                         
                                         88.85.82.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ oaidts=1521004396; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/ OAID=df460c58291045da80b27c1364bdc506; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/ OXVAR=1016295; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ OAID=df460c58291045da80b27c1364bdc506; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/ exsdsf=1521004396 pbk3=32aeea4a0878ff34c0a5bc216cac032b6532664139635052841; expires=Wed, 14-Mar-2018 05:23:16 GMT; Max-Age=600 ltm_afu=1; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
X-Used-AdExchange: 1
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4572
Md5:    61bb0b68ecb819d5d1279bd114f7569e
Sha1:   c85e4c5011595abc930efd0c31420054ed72d5fb
Sha256: c37d857110ed8b0452e390c2e5eabb11f614a9b4b73b499a3aee869e580b3ce4
                                        
                                            GET /r/collect?v=1&_v=j66&a=496300249&t=pageview&_s=1&dl=http%3A%2F%2Fmediacpm.pl%2Fserve%2Fshow.php%3Fa%3D14167%26b%3D728x90&dr=http%3A%2F%2Fwww.cpmbux.com%2Fsearch.php%3Fusername%3Dmkrichten%26query%3De-cards&ul=en-us&de=UTF-8&dt=MediaCPM%20-%20728x90&sd=24-bit&sr=1176x885&vp=728x90&je=1&fl=10.0%20r45&_u=IEBAAEQ~&jid=344995236&gjid=370739800&cid=1471584208.1521004397&tid=UA-56077374-1&_gid=623867062.1521004397&_r=1&z=285474393 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Wed, 14 Mar 2018 05:13:16 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    86eeea3ac2c007b98ec5a8ae6d5d16c1
Sha1:   ba1bfe2edacc71c8374a8fc5ce443ea9dc1771ba
Sha256: 652b84cf6520d6ef30f91815936539ea83b3aabe88b66589a2de74a0e8364944
                                        
                                            GET /serve/valid.php?a=14167&b=728x90&referr=&t=1521004320&c=lookcpm&e=2&f=1&h=adbbefeecbffd HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30
Server: cloudflare
CF-RAY: 3fb44006254c4261-OSL


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1
Size:   35
Md5:    729c3007a8ed0597531b0c76d54a94bb
Sha1:   90fe9b8a8142548fdfab29f59cb0a164a0eaef81
Sha256: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
                                        
                                            GET /2A4Qvqu HTTP/1.1 
Host: bit.ly
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         67.199.248.11
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 131
Connection: keep-alive
Cache-Control: private, max-age=90
Location: https://zapodaj.net/images/d142cb4c2a22e.png
Set-Cookie: _bit=i2e5dg-af4bdd809bb2fabe1a-00H; Domain=bit.ly; Expires=Mon, 10 Sep 2018 05:13:16 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   131
Md5:    3f32365830689e1b6bb3c72d695e51da
Sha1:   5836202d653940dea006ce3c7627b9c776a38fae
Sha256: 4e127fa7824c114ff2a57cb0620decf45e2475950cd053a633f3740e2d58a6e7
                                        
                                            GET /redirect?feed_id=12197 HTTP/1.1 
Host: click.rtbclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         45.79.183.24
HTTP/1.1 302 FOUND
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.6.2
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 379
Connection: keep-alive
Location: http://blowredinn.com/click/D4foUI?sub1=8044-12197-0-6bc78354120869aa68ef77ec7e4595df1
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   379
Md5:    05b4fe19c1ffb324f2cdb2ec8769fe36
Sha1:   4e6d3609ceff0d6cf0d7ea86400a7972159b1d05
Sha256: 2ca68536f68167394269b2108595fbccf689d60cbb40c6ef16fc0dc25337556c
                                        
                                            GET /redirect?tid=703129&ref=[URI_ENCODED_REFERER]&subid=[zone]&q=[YOUR_KEYWORD_OR_TARGET_VERTICAL_CATEGORY] HTTP/1.1 
Host: entionale.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         13.33.76.86
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Content-Length: 0
Connection: keep-alive
Date: Wed, 14 Mar 2018 05:13:16 GMT
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Location: http://xml.balancer.club/click?i=YPeSvVRC9Bo_0
P3P: CP="NID DSP ALL COR"
Pragma: no-cache
Set-Cookie: csu=9b69102d-eda4-48b3-915c-875d3403fda8 fv=rjkGrjaEqdr4qSEFqjsFrda9rHU7vdw=; Expires=Thu, 14 Mar 2019 05:13:16 GMT; Max-Age=31536000; Domain=.entionale.info; Path=/; Version=1
X-Cache: Miss from cloudfront
Via: 1.1 521946992035e3b30bdc798414a87126.cloudfront.net (CloudFront)
X-Amz-Cf-Id: S8mOF5jjREvZKDCBCqHPE0gNjdpgcIb8o-yzYoENcL00uYdVK1sSfQ==


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1391
Content-Transfer-Encoding: binary
Cache-Control: max-age=487458, public, no-transform, must-revalidate
Last-Modified: Mon, 12 Mar 2018 20:36:22 GMT
Expires: Mon, 19 Mar 2018 20:36:22 GMT
Date: Wed, 14 Mar 2018 05:13:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1391
Md5:    ce7104fd1b1e36a10a8231e274672bed
Sha1:   f856c8493350454c991ff99e4f55cfafadac551c
Sha256: 978cf2f0b07676e0312a60ef031c8abd78ec2519590a096622ecf850d4ae072d
                                        
                                            GET /3aSAuG HTTP/1.1 
Host: goo.gl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         216.58.211.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 14 Mar 2018 05:12:22 GMT
Location: http://site-1337540-7289-4402.strikingly.com/
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 193
Server: GSE
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Age: 54
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   193
Md5:    91288529c9bc5a77000fe2aba657aa8f
Sha1:   d2c465719fc776e3f691f113eba173cf3cf698cb
Sha256: 635d12f7c15c9dc59fdd4289a769ca2b4ff8a61202621469a4cce4349e2f2270
                                        
                                            GET /redirect?feed=109038&auth=3UsJD8&query={query} HTTP/1.1 
Host: xml.vokut.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         174.137.133.19
HTTP/1.1 302 Found
                                        
Location: http://activeads.org/result/?affiliate=160066&subid=109554_110558_109038&subsid=0&terms=%7Bquery%7D&p=1&clickid=NGZkNTQzMzg4MmY1NzdkNTRiOTU4M2FlMjFiMzQ2NzQ6NWFhOGFmNmNjMmNkYjoxNTMyNy40NDM2NzoxNTMyOC45MjM4NzE4OjE1MjEwMDQzOTY6NzcuNDAuMTI5LjEyMw==
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /click/D4foUI?sub1=8044-12197-0-6bc78354120869aa68ef77ec7e4595df1 HTTP/1.1 
Host: blowredinn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         78.140.130.124
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 330
Connection: close
Set-Cookie: click_928_12678=1; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/; domain=blowredinn.com; HttpOnly


--- Additional Info ---
Magic:  HTML document text
Size:   330
Md5:    d5e31a782ecb1ca25626fc3a152734b6
Sha1:   19c783a548a0fe888cd0f815fb9c2249a1916bed
Sha256: c36b1e649023f971c8b7d1f90444d6649e75df4cc2920a163d7883e770aa41db

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /redirect?feed=109034&auth=wEWaBV&query={query} HTTP/1.1 
Host: xml.vokut.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         174.137.133.19
HTTP/1.1 302 Found
                                        
Location: http://webspeed.co/rf/738476326/pdm?rd=fashion58.com&u=aHR0cDovL3VzZS5icmF2by1kb2cuY29tL3pjdmlzaXRvci82NzMxMmM3Ni0yNzQ2LTExZTgtYTM5OC0wNmU3YWQ4YjIyZDQ/Y2FtcGFpZ25pZD0yNWU0ZTFmMC1jYjg3LTExZTctOWE0Ny0wZTgxNDM5YTU1YjI=
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /redirect?tid=714694&ref=cpmbux.com&subid=5247&q=new+jersey+medical+malpractice+lawyer HTTP/1.1 
Host: phalata.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         13.33.76.38
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Content-Length: 0
Connection: keep-alive
Date: Wed, 14 Mar 2018 05:13:16 GMT
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Location: http://clk.verblife-2.co/click?adv=1491400&i=dI-9BadZhSo_0
P3P: CP="NID DSP ALL COR"
Pragma: no-cache
Set-Cookie: csu=be661ebc-e9ef-4b4b-98b3-f7260b77070a fv=rjkGrjaEqdr4qSEFqjsFrda9rHU7vdw=; Expires=Thu, 14 Mar 2019 05:13:16 GMT; Max-Age=31536000; Domain=.phalata.info; Path=/; Version=1
X-Cache: Miss from cloudfront
Via: 1.1 36487c08de960363d2ca2761427e61f9.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 2SAifISgJ0ecqjJ9wpHCwYYRRoPhU4Zq7KEIuJg5d_USFCn9h0_wdQ==


--- Additional Info ---
                                        
                                            GET /getjs?r=0.7098766484761208 HTTP/1.1 
Host: rxrtb.bid
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         173.214.244.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 6399
Last-Modified: Thu, 18 Jan 2018 10:17:26 GMT
Connection: keep-alive
Etag: "5a607436-18ff"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   6399
Md5:    dd1480fae587bd01841a8118cbbfd378
Sha1:   f31954d80c68a878f5dea9a1bff33920d027edeb
Sha256: 9e658c7b7eb89e3590f3e6fccddccebd2036a4d2ded186da2cdcbcacbf052959
                                        
                                            GET /getjs?r=0.8980042010420775 HTTP/1.1 
Host: rxrtb.bid
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         173.214.244.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 6399
Last-Modified: Thu, 18 Jan 2018 10:17:26 GMT
Connection: keep-alive
Etag: "5a607436-18ff"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   6399
Md5:    dd1480fae587bd01841a8118cbbfd378
Sha1:   f31954d80c68a878f5dea9a1bff33920d027edeb
Sha256: 9e658c7b7eb89e3590f3e6fccddccebd2036a4d2ded186da2cdcbcacbf052959
                                        
                                            GET /getjs?r=0.27243469011072796 HTTP/1.1 
Host: rxrtb.bid
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         173.214.244.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Content-Length: 6399
Last-Modified: Thu, 18 Jan 2018 10:17:26 GMT
Connection: keep-alive
Etag: "5a607436-18ff"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   6399
Md5:    dd1480fae587bd01841a8118cbbfd378
Sha1:   f31954d80c68a878f5dea9a1bff33920d027edeb
Sha256: 9e658c7b7eb89e3590f3e6fccddccebd2036a4d2ded186da2cdcbcacbf052959
                                        
                                            GET /?r=%2Fmb%2Fhan&zoneid=1031012&pbk3=32aeea4a0878ff34c0a5bc216cac032b6532664139635052841&empty=0&auction_id=f951b4e4-b31e-41cf-99b4-4e4df2b0314b&var=1016295&uuid=44745dab-201d-4115-ad34-5ab327047e56&ad_scheme=1&rotation_type=3&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=0&adparams=bm9qcz0wJnNhdmVkX3JlZmVyZXI9aHR0cCUzQSUyRiUyRnB0dHNpdGUuY29tJTJGJTNGem9uZWlkJTNEMTAxNjI5NSUyNnIlM0QlMjUyRm1iJTI1MkZoYW4lMjUyRmRsJTI2bm9qcyUzRDAlMjZ4JTNENTAwJTI2eSUzRDUwMCUyNnQlM0QwJTI2aXglM0QxJTI2ZnMlM0QxJTI2dGltZW91dCUzRDAlMjZ2YXIlM0QlMjZ5bWlkJTNEJTI2cGIlM0Q4Nzc4ODUwMWMzYWNmYWRlODZiMjllZGFlZmVhZDYyODE1MjEwMDQ2OTYlMjZwaWQlM0Q%3D&ip=f3d5bb63c9dbdcfb475795d659c65a4e&x=500&y=500&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=500&wiw=500&wih=500&wfc=5&pl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1031012%26var%3D1016295&drf=http%3A%2F%2Fpttsite.com%2F%3Fzoneid%3D1016295%26r%3D%252Fmb%252Fhan%252Fdl%26nojs%3D0%26x%3D500%26y%3D500%26t%3D0%26ix%3D1%26fs%3D1%26timeout%3D0%26var%3D%26ymid%3D%26pb%3D87788501c3acfade86b29edaefead6281521004696%26pid%3D&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&id=1f9a3c2763caca8d2053b83e9d57ed4c&co=1&rf=1&hs=d01d492f13aec958676a3d4656a2a36c&ix=1&fs=1&timeout=0 HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1031012&var=1016295
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1521004396; OAID=df460c58291045da80b27c1364bdc506; OXVAR=1016295; exsdsf=1521004396; pbk3=32aeea4a0878ff34c0a5bc216cac032b6532664139635052841; ltm_afu=1

                                         
                                         88.85.82.180
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Used-AdExchange: 1
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=LtZtgp8f0UbqtKe1e6LcE-2qX8skHdqQyJuhqpHi9uA; expires=Wed, 21-Mar-2018 05:13:16 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ ppucntstart=1521004396; expires=Thu, 15-Mar-2018 05:13:16 GMT; Max-Age=86400; path=/ allcnt=1; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/ OAID=df460c58291045da80b27c1364bdc506; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/ _OACCAP[829728]=1; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/ _OACBLOCK[829728]=1521004396; expires=Fri, 13-Apr-2018 05:13:16 GMT; Max-Age=2592000; path=/ _OXCCLK[829728]=1; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/ _OXPCLK[27638]=1; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://adserving.unibet.com/redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=1031012


--- Additional Info ---
                                        
                                            GET /redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=1031012 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1031012&var=1016295

                                         
                                         192.121.200.193
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Content-Length: 178
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=1031012


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=67246ED0-2746-11E8-90CB-8972BD3C5C59 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://downloadgot.com/imp/5005

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=2f626b3e8c16486f699f1a3dfaf7cbc1; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2313
Md5:    4f395f9fc63e44d91fc40cd2b7986b69
Sha1:   30f2804c399af63b8cdc1302fc0de7799d53b24b
Sha256: b08a06265b8666126d1619dc9469d1fdeef2903f3442abedd8b8ed690dad0856
                                        
                                            GET /click?i=YPeSvVRC9Bo_0 HTTP/1.1 
Host: xml.balancer.club
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         198.134.116.30
HTTP/1.1 302 Found
                                        
Location: http://filter.vudhalog.com/filter?q=Adult_mediacpm.pl&i=id*OT-cuC1U_0&t=2125808346
Set-Cookie: x714311344=825068979
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=6724BF40-2746-11E8-86D4-51CA7B443935 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://downloadgot.com/imp/5011

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=75720faa1a7146ae767608ac10a8b3ad; expires=Thu, 14-Mar-2019 05:13:16 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2313
Md5:    5d2d5dbbd56edaa275bf1b1a47c6270a
Sha1:   d9853bea5dfb570ec5170241b97a24ff7c38c428
Sha256: f0434abdaf36111545c749789aa602c4e226351742d7432cf269220dd30ced05
                                        
                                            GET /serve/show.php?a=173&b=728x90 HTTP/1.1 
Host: adsmodern.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpmbux.com/adminads/banner/728x90/adsmodern.php

                                         
                                         104.31.12.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df778a4bb4874959c25f1cc35e84b14921521004396; expires=Thu, 14-Mar-19 05:13:16 GMT; path=/; domain=.adsmodern.com; HttpOnly
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
Server: cloudflare
CF-RAY: 3fb4400816554279-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1059
Md5:    e586c3dffb72890ce607a6e8449d1aab
Sha1:   4cecd61210b7fc4fe89ccff3a312b407c278cb07
Sha256: b37169ac7241e48c8f59c5ca1074e3511c42fb070192a356f9734e78b6044740
                                        
                                            GET / HTTP/1.1 
Host: site-1337540-7289-4402.strikingly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Server: openresty
Strikingly-Cache-Region: ap-northeast-1
Strikingly-Cached: current
Strikingly-Cached-Version: 1518794576-116
Content-Length: 15479
Expires: Wed, 14 Mar 2018 05:13:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 14 Mar 2018 05:13:17 GMT
Connection: keep-alive
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15479
Md5:    4af7e9faa03f52b3a9d18bd005c32bd8
Sha1:   c8027e9582ee40c8f3a1e22989683d9680a676a7
Sha256: fd694ec38dcead9fac9201f263bf21f9a80603fea47c05e10f9b27e265e921d1
                                        
                                            POST /gsdomainvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.31.75.124
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Content-Length: 1558
Connection: keep-alive
Set-Cookie: __cfduid=d03a1348b20559dd5a6bd126f735405ec1521004396; expires=Thu, 14-Mar-19 05:13:16 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Wed, 14 Mar 2018 02:56:13 GMT
Expires: Sun, 18 Mar 2018 02:56:13 GMT
Etag: "6e2a9e99ca9c82daa2eca30da64b88e37215357b"
Cache-Control: public, no-transform, must-revalidate
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 3fb4400895894261-OSL


--- Additional Info ---
Magic:  data
Size:   1558
Md5:    670ad3ba720879819b412a20f6d2bcde
Sha1:   6e2a9e99ca9c82daa2eca30da64b88e37215357b
Sha256: 2178bf74187eb04912cb8fb135b52b056e9beb48e26a6a2f206d2ddc02489516
                                        
                                            GET /?utm_term=6532664137942569106&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=67246ED0-2746-11E8-90CB-8972BD3C5C59
Cookie: u=2f626b3e8c16486f699f1a3dfaf7cbc1

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1749
Md5:    c738901ebd9ae01c01738ac0219e4d87
Sha1:   39816a99156ca727127a69d1b4d8cb571acd321d
Sha256: e5581a34ce25abeeb33fb1527d04b2d15460ea16434713303980b61183a2165f
                                        
                                            GET /iframe/embed.js HTTP/1.1 
Host: cdn.bannersnack.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         13.33.99.113
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 698
Connection: keep-alive
Date: Sat, 09 Dec 2017 00:17:02 GMT
Last-Modified: Mon, 22 May 2017 13:14:11 GMT
Etag: "8e2ffa155bbdc17ae6b85fed8e9cbc1f"
Content-Encoding: gzip
x-amz-meta-cb-modifiedtime: Mon, 22 May 2017 13:05:56 GMT
x-amz-version-id: CVPsnWlXMwY1bovQGQjXy.ZBs7GgJJQT
Accept-Ranges: bytes
Server: AmazonS3
Age: 42751
X-Cache: Hit from cloudfront
Via: 1.1 17d39c528c9f270fca3ce7bdfec60ecd.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Zvcc7IEP5omKp76JTEdfW7x4ca57h-7uOtsS7HFlWE1Yn_UnoLiCfg==


--- Additional Info ---
Magic:  gzip compressed data, from NTFS filesystem (NT)
Size:   698
Md5:    8e2ffa155bbdc17ae6b85fed8e9cbc1f
Sha1:   bac2af2c127412fa074a885cf101ab2200a09b7b
Sha256: 1985c676d4b25b1151a9837bcb76ea043e39988fb98ab4b27823511a599daef6
                                        
                                            GET /ajax/libs/jquery/1.10.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://site-1337540-7289-4402.strikingly.com/

                                         
                                         216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 32964
Date: Wed, 28 Feb 2018 22:48:44 GMT
Expires: Thu, 28 Feb 2019 22:48:44 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 1146273


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   32964
Md5:    283fee29a5221b944980d9e2e24d6696
Sha1:   58b02faa4412a8ccee04a229cb63342e9a339507
Sha256: ae94d66ba0bfb22873cda4f0d72a0ac4812132ad8db3ea3d944c723214108d4c
                                        
                                            GET /rf/738476326/pdm?rd=fashion58.com&u=aHR0cDovL3VzZS5icmF2by1kb2cuY29tL3pjdmlzaXRvci82NzMxMmM3Ni0yNzQ2LTExZTgtYTM5OC0wNmU3YWQ4YjIyZDQ/Y2FtcGFpZ25pZD0yNWU0ZTFmMC1jYjg3LTExZTctOWE0Ny0wZTgxNDM5YTU1YjI= HTTP/1.1 
Host: webspeed.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         23.92.23.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.12.2
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: Express
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With ,Content-Type , Authorization
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: -1
Pragma: no-cache
Etag: W/"3d1-rEVwEe5LrER778crZdeFlVxIxwc"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   266
Md5:    e43391f7af616f300547cc9909068569
Sha1:   6f2fcc59d6e074da249656284e07b1fc05683858
Sha256: f876d8baab593c1c3c1a412d4c6d0e3790cfb0adc5e7df0c153c5a60658ecd79
                                        
                                            GET /click?adv=1491400&i=dI-9BadZhSo_0 HTTP/1.1 
Host: clk.verblife-2.co
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         174.137.155.139
HTTP/1.1 302 Found
                                        
Location: http://btds.artplay.info/in/active?sub1=(218259)-91353.7146945247
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /?utm_term=6532664137909014740&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=6724BF40-2746-11E8-86D4-51CA7B443935
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1749
Md5:    87f462c22349a200c54c39da38c0193c
Sha1:   fded9d865d6eb2aeaeb561e726bb9e4aaa95fd92
Sha256: 248c897d7b840bb813b5ee567f737bc7c5fe322453f186f715df7d8bd6bc7278
                                        
                                            GET /proc.php?78499ad88f2ba55425e786da82eab0dde800910f HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664137942569106&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://play.leadzupc.com/?m=0AU9JG423656&offer_key=423656&fc=1&a=6532664137942569106.15&pubid=2765


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /imp/5074 HTTP/1.1 
Host: safelyawake.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         213.196.50.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/7.0.18
Set-Cookie: GL_UI=eJw9jcFOg0AURQco0NqU5CZ8QD%2BBWgfYm%2FgLLskb5tGOAq8ZRqt%2FL7pwdxbn5Cil4nKP5IM0jrUdGtOTrfjpfNLtoB91Rbqpq55abs0JO7d0gczIYYPUeJrtAekklscDcuPlvrAvE2xmmhj5i%2FM8yNdq0Jt4ROeV3PxLNWJZyqTIsHt1s127Y1NsM1U8ZAr720hhED91zmYR0osny4iese0p8EX8N3LLy3uQGyCj7f79v218b5BZ%2FnQ9I5VwZf8DPZQ%2BYg%3D%3D; expires=Thu, 15-Mar-2018 05:13:17 GMT; Max-Age=86400; path=/ GL_GI=eJxjYGBgEuEUZMosEOQ1N9czMdAzNLIEYmNB5vTUfEEmP39BtqLU9Mz8PEEmA2NBbgg7Pjk%2FJVWQ1c9fFyjGkpxZUinI4l%2Bcky%2FICWJDZNmBsmAx5sziAkFup6L8xJS81BIFx2BBTiAdX1yQmpoiyOmcmJSTqu8S7CPIBxcFG8DGCACaDCp7; expires=Thu, 15-Mar-2018 05:13:17 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   353
Md5:    700568170f6a5e383974da9837251615
Sha1:   211c4f2c0869332c43b8aa50a34357e36d2e8c27
Sha256: 7d8ef86fde80a830f0575c25b8c4b94b59b42a80d189790323685a0dfdb7cd6e
                                        
                                            GET /? HTTP/1.1 
Host: list.jetswap.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://site-1337540-7289-4402.strikingly.com/
Cookie: PHPSESSID=qua9r9vgen0nphip8upk5gqgj6

                                         
                                         46.165.241.133
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4759
Md5:    89f122fa6f39e11325c3b8dcaa1bec0c
Sha1:   97ae60f2d1927fdd980b6aa83f1076b2b5169a6e
Sha256: 26c772c3226a800deaf307f0d6b97d349a47ebc50a375de7239ecf4e5721f461
                                        
                                            GET /ssp?id=1921&rnd=134667&jsp=eyJqc19icm93c2VyX2xlZnRfdG9wX3Bvc2l0aW9uX3giOi00LCJqc19icm93c2VyX2xlZnRfdG9wX3Bvc2l0aW9uX3kiOi00LCJqc19icm93c2VyX3dpbmRvd193aWR0aCI6NzI4LCJqc19icm93c2VyX3dpbmRvd19oZWlnaHQiOjkwLCJqc19kZXZpY2Vfc2NyZWVuX3dpZHRoIjoxMTc2LCJqc19kZXZpY2Vfc2NyZWVuX2hlaWdodCI6ODg1LCJqc19jb2xvcl9kZXB0aCI6MjQsImpzX3N1cHBvcnRfZmxhc2giOjEsImpzX2ZsYXNoX3ZlcnNpb24iOiIxMC4wLjQ1IiwianNfc3VwcG9ydF9qYXZhIjoxLCJqc190aW1lem9uZSI6NjAsImpzX2h0bWw1IjoxLCJqc19qc29uIjoxLCJqc190b3VjaCI6MCwianNfdmVyc2lvbiI6IjEuOCIsImpzX2FkQmxvY2siOjAsInJlZiI6Imh0dHAlM0ElMkYlMkZ3d3cuY3BtYnV4LmNvbSUyRnNlYXJjaC5waHAlM0Z1c2VybmFtZSUzRG1rcmljaHRlbiUyNnF1ZXJ5JTNEZS1jYXJkcyJ9 HTTP/1.1 
Host: rxrtb.bid
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         173.214.244.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _rxrtb_u8484173973bd=d3087ef3c07d7f9435fc9f892756b053; path=/; expires=Sat, 11 Mar 2028 05:13:17 GMT; httponly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   159
Md5:    cd256fd5df12132c095ffaf0d10034ba
Sha1:   4fc62fe85c124311e5cbfa9ac0e4ecd52d2480f4
Sha256: ec641e68f48a5f6ca1194abbe108dbdbd801dbe27b15290ff3b1e1df2f9c4724
                                        
                                            GET /ssp?id=1922&rnd=830945&jsp=eyJqc19icm93c2VyX2xlZnRfdG9wX3Bvc2l0aW9uX3giOi00LCJqc19icm93c2VyX2xlZnRfdG9wX3Bvc2l0aW9uX3kiOi00LCJqc19icm93c2VyX3dpbmRvd193aWR0aCI6NzI4LCJqc19icm93c2VyX3dpbmRvd19oZWlnaHQiOjkwLCJqc19kZXZpY2Vfc2NyZWVuX3dpZHRoIjoxMTc2LCJqc19kZXZpY2Vfc2NyZWVuX2hlaWdodCI6ODg1LCJqc19jb2xvcl9kZXB0aCI6MjQsImpzX3N1cHBvcnRfZmxhc2giOjEsImpzX2ZsYXNoX3ZlcnNpb24iOiIxMC4wLjQ1IiwianNfc3VwcG9ydF9qYXZhIjoxLCJqc190aW1lem9uZSI6NjAsImpzX2h0bWw1IjoxLCJqc19qc29uIjoxLCJqc190b3VjaCI6MCwianNfdmVyc2lvbiI6IjEuOCIsImpzX2FkQmxvY2siOjAsInJlZiI6Imh0dHAlM0ElMkYlMkZ3d3cuY3BtYnV4LmNvbSUyRnNlYXJjaC5waHAlM0Z1c2VybmFtZSUzRG1rcmljaHRlbiUyNnF1ZXJ5JTNEZS1jYXJkcyJ9 HTTP/1.1 
Host: rxrtb.bid
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         173.214.244.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _rxrtb_u8484173973bd=9fe50232f354a720a4287ce0dfac0aed; path=/; expires=Sat, 11 Mar 2028 05:13:17 GMT; httponly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   159
Md5:    692563fa623fb4680bb787e2ead20fec
Sha1:   fd56583f99bf8e7ca7fc45f0950ea1fb80f01e91
Sha256: 22341a00523e17ade4cd580c06c7fc44f455b80da4c4c42f0f5b5beaca28a1ea
                                        
                                            GET /filter?q=Adult_mediacpm.pl&i=id*OT-cuC1U_0&t=2125808346 HTTP/1.1 
Host: filter.vudhalog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         173.239.53.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-store
Pragma: no-cache
Age: 0
Set-Cookie: c1692320655=-825068979
Connection: keep-alive
Content-Length: 4572


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   4572
Md5:    234506aeeb09f9fe64143968cc9d270a
Sha1:   516bcdc8489d4ad02fdc60fa8e0078b7fccc9e7c
Sha256: 907c35b36f14a34ed2cafbe56d1d2c3c4c59c64d67cfd888309abb7a54780e57
                                        
                                            GET /proc.php?686402648c4eac4ec7aa77d8c03ebc54857decb2 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664137909014740&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://play.leadzupc.com/?m=0AU9JG423656&offer_key=423656&fc=1&a=6532664137909014740.15&pubid=2765


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /v.php?user=6432 HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
Server: cloudflare
CF-RAY: 3fb4400b65394285-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2007
Md5:    262b281c12608e255f46a07723bebb88
Sha1:   c619911323e4c025e2ddc0d56fdadef952a3a2cf
Sha256: 58109bd040e51b47ddd5ccd0e30e17177d22f83c0a226b06aca6684073318d55
                                        
                                            GET /ssp?id=1920&rnd=501541&jsp=eyJqc19icm93c2VyX2xlZnRfdG9wX3Bvc2l0aW9uX3giOi00LCJqc19icm93c2VyX2xlZnRfdG9wX3Bvc2l0aW9uX3kiOi00LCJqc19icm93c2VyX3dpbmRvd193aWR0aCI6NzI4LCJqc19icm93c2VyX3dpbmRvd19oZWlnaHQiOjkwLCJqc19kZXZpY2Vfc2NyZWVuX3dpZHRoIjoxMTc2LCJqc19kZXZpY2Vfc2NyZWVuX2hlaWdodCI6ODg1LCJqc19jb2xvcl9kZXB0aCI6MjQsImpzX3N1cHBvcnRfZmxhc2giOjEsImpzX2ZsYXNoX3ZlcnNpb24iOiIxMC4wLjQ1IiwianNfc3VwcG9ydF9qYXZhIjoxLCJqc190aW1lem9uZSI6NjAsImpzX2h0bWw1IjoxLCJqc19qc29uIjoxLCJqc190b3VjaCI6MCwianNfdmVyc2lvbiI6IjEuOCIsImpzX2FkQmxvY2siOjAsInJlZiI6Imh0dHAlM0ElMkYlMkZ3d3cuY3BtYnV4LmNvbSUyRnNlYXJjaC5waHAlM0Z1c2VybmFtZSUzRG1rcmljaHRlbiUyNnF1ZXJ5JTNEZS1jYXJkcyJ9 HTTP/1.1 
Host: rxrtb.bid
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/show.php?a=14167&b=728x90

                                         
                                         173.214.244.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _rxrtb_u8484173973bd=652b917eaa5c08f3b6203c252a1b6d32; path=/; expires=Sat, 11 Mar 2028 05:13:17 GMT; httponly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   158
Md5:    e81d5c46438c8f73f11ac7f40e6c40e6
Sha1:   ff5dc6bd93a2cd8f5a3ad4232ff89907ead9d0f0
Sha256: 4b25a047b3f7a6a81745e7eabd0b2cceaaf68883b9ba9b53fc3bc3984a7e3bf9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.trustwave.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         91.135.34.136
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Wed, 14 Mar 2018 05:13:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   638
Md5:    4ad5650db50a00fa71464f5dd47b8809
Sha1:   cf8955bcd114c1b08c326397efa62c250862829f
Sha256: f7c2ffbaaf0c5cf2cf808529026383cedfc60f9da098594b5eb29c046d189bac
                                        
                                            GET /r/collect?v=1&_v=j66&a=835731625&t=pageview&_s=1&dl=http%3A%2F%2Fadsmodern.com%2Fserve%2Fshow.php%3Fa%3D173%26b%3D728x90&dr=http%3A%2F%2Fcpmbux.com%2Fadminads%2Fbanner%2F728x90%2Fadsmodern.php&ul=en-us&de=UTF-8&dt=AdsModern%20-%20728x90&sd=24-bit&sr=1176x885&vp=728x90&je=1&fl=10.0%20r45&_u=IEBAAEQ~&jid=1852108648&gjid=662207904&cid=812617963.1521004397&tid=UA-56077374-1&_gid=123554820.1521004397&_r=1&z=1231564889 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Wed, 14 Mar 2018 05:13:17 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /serve/ads_show.js HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 21 Apr 2016 17:02:01 GMT
Vary: Accept-Encoding
Etag: W/"57190789-10c"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Thu, 15 Mar 2018 05:13:17 GMT
Cache-Control: public, max-age=86400
Server: cloudflare
CF-RAY: 3fb4400cc3ad429d-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   182
Md5:    acd9494a6973204b861d5ccf28b58e4f
Sha1:   dd63ff6e9bc7a99bf17ad0a52fe35d0fcd2b19de
Sha256: ee6a29052bc7408dd2f38efdace9acdbc5d8c21e62a1bc8971279c7552fbff5b
                                        
                                            GET /serve/style_ptp.css HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 21 Apr 2016 17:02:07 GMT
Vary: Accept-Encoding
Etag: W/"5719078f-24687"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Thu, 15 Mar 2018 05:13:17 GMT
Cache-Control: public, max-age=86400
Server: cloudflare
CF-RAY: 3fb4400cc429427f-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21115
Md5:    de3fae926e2610b6c2dfe169de2227a9
Sha1:   28290e1d3dedb2ab91dab62f6152e59ff7d55fd8
Sha256: d6f85bfe3e35bb456f793107dcf589c3bdbf8297cf8464914be97ee8ef3d350f
                                        
                                            GET /cdn-cgi/scripts/d07b1474/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Last-Modified: Thu, 08 Mar 2018 13:33:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5aa13bc6-3cd"
Server: cloudflare-nginx
CF-RAY: 3fb4400cd3ae429d-OSL
Expires: Fri, 16 Mar 2018 05:13:17 GMT
Cache-Control: max-age=172800, public
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   577
Md5:    35603ab13d943b9dd14734c68c860d57
Sha1:   b8bfc44c920b415a85b34138bd14ebf60b36aa2b
Sha256: ccfb8d16b5d88c11b1a522bfec2a686dc2403fd3c49341c2c6db7a628d9eaf45
                                        
                                            GET /page.html HTTP/1.1 
Host: adsmodern.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90
Cookie: __cfduid=df778a4bb4874959c25f1cc35e84b14921521004396

                                         
                                         104.31.12.162
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Mar 2018 10:17:02 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 3fb4400b46204291-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2292
Md5:    9e9d8c5dbd41a266397a8c0d2e9c2046
Sha1:   6e3590c24b83d511b7b981f075729d1ffd48978c
Sha256: 357eed9cf9583174e8cad90366dc3af7c21d561148b27d6c597c9d28d2601757
                                        
                                            POST / HTTP/1.1 
Host: ocsp.trustwave.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.136
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 1683
Date: Wed, 14 Mar 2018 05:13:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1683
Md5:    472682d2db3799ddb9dcb4d81f546fac
Sha1:   1a8c1e87e9c816181d6d74bce5d6535133388137
Sha256: 3b6dcab00b475e41025dc1d1796008c873eff284b60667f455bf0d5489bab962
                                        
                                            GET /v.php?user=6432 HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
Server: cloudflare
CF-RAY: 3fb4400db6af4297-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1982
Md5:    8178c62eea0f9bc7f51b4eb7aa656b31
Sha1:   4beb1bb8b7da1f9a06ee7a1b7b1765dfc5a84805
Sha256: d2b0148b62da5f2f4da8fc1d4242903f973c208ad7477f1ddf2c2a96f64c2a22
                                        
                                            GET /users/favicon.png HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Mar 2018 05:13:17 GMT
Content-Length: 318
Connection: keep-alive
Last-Modified: Fri, 25 Mar 2016 16:36:28 GMT
Etag: "56f5690c-13e"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Thu, 15 Mar 2018 05:13:17 GMT
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3fb4400f76dc4297-OSL


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   318
Md5:    344a8275d6a5cdf5210547d495ddbcb6
Sha1:   b1f4d71b205d79b244a9e30a9572c486b1a1388d
Sha256: 4912f0a5fe2ad24ffd0dc689912fda3052d5415ac6a2ba7eaf685f5addb1cb94
                                        
                                            GET /serve/ads_show.js HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 21 Apr 2016 17:02:01 GMT
Vary: Accept-Encoding
Etag: W/"57190789-10c"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Thu, 15 Mar 2018 05:13:18 GMT
Cache-Control: public, max-age=86400
Server: cloudflare
CF-RAY: 3fb4400fd6e84297-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   182
Md5:    acd9494a6973204b861d5ccf28b58e4f
Sha1:   dd63ff6e9bc7a99bf17ad0a52fe35d0fcd2b19de
Sha256: ee6a29052bc7408dd2f38efdace9acdbc5d8c21e62a1bc8971279c7552fbff5b
                                        
                                            GET /cdn-cgi/scripts/d07b1474/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 14 Mar 2018 05:13:18 GMT
Last-Modified: Thu, 08 Mar 2018 13:33:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5aa13bc6-3cd"
Server: cloudflare-nginx
CF-RAY: 3fb4400fe6ea4297-OSL
Expires: Fri, 16 Mar 2018 05:13:18 GMT
Cache-Control: max-age=172800, public
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   577
Md5:    35603ab13d943b9dd14734c68c860d57
Sha1:   b8bfc44c920b415a85b34138bd14ebf60b36aa2b
Sha256: ccfb8d16b5d88c11b1a522bfec2a686dc2403fd3c49341c2c6db7a628d9eaf45
                                        
                                            GET /imp/5003 HTTP/1.1 
Host: downloadgot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: GL_UI=eJw9jcFOg0AURQco0NqU5CZ8QD%2BBWgfYm%2FgLLskb5tGOAq8ZRqt%2FL7pwdxbn5Cil4nKP5IM0jrUdGtOTrfjpfNLtoB91Rbqpq55abs0JO7d0gczIYYPUeJrtAekklscDcuPlvrAvE2xmmhj5i%2FM8yNdq0Jt4ROeV3PxLNWJZyqTIsHt1s127Y1NsM1U8ZAr720hhED91zmYR0osny4iese0p8EX8N3LLy3uQGyCj7f79v218b5BZ%2FnQ9I5VwZf8DPZQ%2BYg%3D%3D; GL_GI=eJxjYGBgEuEUZMosEOQ1N9czMdAzNLIEYmNB5vTUfEEmP39BtqLU9Mz8PEEmA2NBbgg7Pjk%2FJVWQ1c9fFyjGkpxZUinI4l%2Bcky%2FICWJDZNmBsmAx5sziAkFup6L8xJS81BIFx2BBTiAdX1yQmpoiyOmcmJSTqu8S7CPIBxcFG8DGCACaDCp7

                                         
                                         188.42.139.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/7.0.20
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  data
Size:   4449
Md5:    ce975133334f8090b6236565b0d43e1d
Sha1:   661fc45c852ec45d96f8438e139bb79ceb6af108
Sha256: 9861f28bfa9fec86e89b283e5b2a06be1269052f0282b01aea11019ae7bfc642
                                        
                                            GET /imp/5000 HTTP/1.1 
Host: downloadgot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: GL_UI=eJw9jcFOg0AURQco0NqU5CZ8QD%2BBWgfYm%2FgLLskb5tGOAq8ZRqt%2FL7pwdxbn5Cil4nKP5IM0jrUdGtOTrfjpfNLtoB91Rbqpq55abs0JO7d0gczIYYPUeJrtAekklscDcuPlvrAvE2xmmhj5i%2FM8yNdq0Jt4ROeV3PxLNWJZyqTIsHt1s127Y1NsM1U8ZAr720hhED91zmYR0osny4iese0p8EX8N3LLy3uQGyCj7f79v218b5BZ%2FnQ9I5VwZf8DPZQ%2BYg%3D%3D; GL_GI=eJxjYGBgEuEUZMosEOQ1N9czMdAzNLIEYmNB5vTUfEEmP39BtqLU9Mz8PEEmA2NBbgg7Pjk%2FJVWQ1c9fFyjGkpxZUinI4l%2Bcky%2FICWJDZNmBsmAx5sziAkFup6L8xJS81BIFx2BBTiAdX1yQmpoiyOmcmJSTqu8S7CPIBxcFG8DGCACaDCp7

                                         
                                         188.42.139.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/7.0.20
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   352
Md5:    0886c04f1d35089b2067d1f7ba4e3c4b
Sha1:   0cb52a047804241d8054b52671be91a1eb67ca18
Sha256: 03434042643bbbe2ce35668da162eee9eb45c53a05bd8c21a373d516fa1308af
                                        
                                            GET /imp/5010 HTTP/1.1 
Host: downloadgot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: GL_UI=eJw9jcFOg0AURQco0NqU5CZ8QD%2BBWgfYm%2FgLLskb5tGOAq8ZRqt%2FL7pwdxbn5Cil4nKP5IM0jrUdGtOTrfjpfNLtoB91Rbqpq55abs0JO7d0gczIYYPUeJrtAekklscDcuPlvrAvE2xmmhj5i%2FM8yNdq0Jt4ROeV3PxLNWJZyqTIsHt1s127Y1NsM1U8ZAr720hhED91zmYR0osny4iese0p8EX8N3LLy3uQGyCj7f79v218b5BZ%2FnQ9I5VwZf8DPZQ%2BYg%3D%3D; GL_GI=eJxjYGBgEuEUZMosEOQ1N9czMdAzNLIEYmNB5vTUfEEmP39BtqLU9Mz8PEEmA2NBbgg7Pjk%2FJVWQ1c9fFyjGkpxZUinI4l%2Bcky%2FICWJDZNmBsmAx5sziAkFup6L8xJS81BIFx2BBTiAdX1yQmpoiyOmcmJSTqu8S7CPIBxcFG8DGCACaDCp7

                                         
                                         188.42.139.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/7.0.20
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   352
Md5:    f18d376dd9fb83e0040609ca6af1b30e
Sha1:   b9796417c2a683c61ad8d97ea7095b30aeb19f60
Sha256: c9fe5db7b13e20af806cf4458f5da5ccb573ed086db9306bf24c5d49c4ae9689
                                        
                                            GET /static/fonts/sourcesanspro/v7/toadOcfmlt9b38dHJxOBGFkQc6VGVFSmCnC_l7QZG60.woff HTTP/1.1 
Host: themes.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/style_ptp.css
Origin: http://mediacpm.pl

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 25138
Date: Tue, 27 Feb 2018 15:16:49 GMT
Expires: Wed, 27 Feb 2019 15:16:49 GMT
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1259789


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   25138
Md5:    3b39d0c4adb71dbda450b571712785f1
Sha1:   27a8793a678514fcf2bc24e908af60fa82a9d719
Sha256: 980292e01842d511673771bc722e1fa22cf61171b8ce05d9dcfbe9e0addf72d0
                                        
                                            GET /static/fonts/sourcesanspro/v7/ODelI1aHBYDBqgeIAH2zlBM0YzuT7MdOe03otPbuUS0.woff HTTP/1.1 
Host: themes.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/serve/style_ptp.css
Origin: http://mediacpm.pl

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 25703
Date: Tue, 27 Feb 2018 15:16:25 GMT
Expires: Wed, 27 Feb 2019 15:16:25 GMT
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1259813


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   25703
Md5:    9abcef4b8a72fa290320a4bbc0cc9535
Sha1:   e0a8cd982f08293839c6c3cbc9f26f1e84139b53
Sha256: f4c6bd045d7e0e954e16d127f5bc8e993445a0917b1484f8ab0f877385cacc0b
                                        
                                            GET /banads/view.php?spaceid=3607224 HTTP/1.1 
Host: adspaces.ero-advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: uvid=0d43c7728c995f408ce63ec7b7092e6d

                                         
                                         185.70.212.101
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: close
P3P: CP="NOI DSP COR TAIa SAMa NOR"
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Wed, 14 Mar 2018 05:13:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Pragma: no-cache
X-Backend-Server: nl1-web213-64
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1891
Md5:    1a817f4dde398cdfd1e71cba2534d114
Sha1:   f55c0574c0c817270fe68e1626d6da5fc1e1d3b5
Sha256: 44ad29c004de5b063768b1d6f07ce9d9c94f6ef908a3467adafba2f5129707e4
                                        
                                            GET /banads/view.php?spaceid=3568056 HTTP/1.1 
Host: adspaces.ero-advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: uvid=0d43c7728c995f408ce63ec7b7092e6d

                                         
                                         185.70.212.101
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: close
P3P: CP="NOI DSP COR TAIa SAMa NOR"
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Wed, 14 Mar 2018 05:13:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Pragma: no-cache
X-Backend-Server: nl1-web213-15
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1797
Md5:    1660b4d33024c446289bee0b716c87a3
Sha1:   7bcb71f411c42ffaef604cdf154559d9a118341a
Sha256: fc086f2af4a57f970c3228bda54b31c0ccf6a0161c6be399529b7fb871937a26
                                        
                                            GET /serve/ptp.php?var1=6432&var2=http%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D6432&var3=acffccecfd&var4=1521004322 HTTP/1.1 
Host: mediacpm.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: __cfduid=d7983d05dc14d5d97f16c913adf913b8e1521004396; _ga=GA1.2.1471584208.1521004397; _gid=GA1.2.623867062.1521004397; _gat=1

                                         
                                         104.31.2.179
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30
Set-Cookie: ptp=1521004322; expires=Fri, 16-Mar-2018 05:12:02 GMT; Max-Age=172800; path=/
Server: cloudflare
CF-RAY: 3fb4400ff6eb4297-OSL


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1
Size:   35
Md5:    729c3007a8ed0597531b0c76d54a94bb
Sha1:   90fe9b8a8142548fdfab29f59cb0a164a0eaef81
Sha256: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
                                        
                                            GET /datanew/bannerpools/106267/22076.gif HTTP/1.1 
Host: data.eroadvertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adspaces.ero-advertising.com/banads/view.php?spaceid=3607224
Cookie: __cfduid=d5bc2f9891c66f69451dd4a4494506f171521004396

                                         
                                         104.16.140.19
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 14 Mar 2018 05:13:18 GMT
Content-Length: 141233
Connection: keep-alive
Last-Modified: Wed, 31 Jan 2018 14:45:01 GMT
Etag: "5a71d66d-227b1"
Expires: Sat, 11 Mar 2028 05:13:18 GMT
Cache-Control: public, max-age=315360000
X-Compressor: static177
CF-Cache-Status: HIT
Vary: Accept-Encoding
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3fb440110440428b-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 600
Size:   141233
Md5:    3f65ea767d3aff7bdc618df5f1c041d2
Sha1:   55704dc5e1f5eb93b8127fb9bca2097dbccd35cb
Sha256: ce858fd35a6abaec4db27971a8caf7563f38dca694693fa42bf71311b3c0b924
                                        
                                            GET /2Beuh9z HTTP/1.1 
Host: bit.ly
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: _bit=i2e5dg-af4bdd809bb2fabe1a-00H

                                         
                                         67.199.248.11
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Content-Length: 131
Connection: keep-alive
Cache-Control: private, max-age=90
Location: https://zapodaj.net/images/4238a12901513.png


--- Additional Info ---
Magic:  HTML document text
Size:   131
Md5:    f6debd434dfda749751fe14f549bd415
Sha1:   815a15babdad70d75d762928e54df768ce1085a5
Sha256: 79477424805a328e29652d49530e2241205bcbbd62336648fc7b6f2af9927f45
                                        
                                            GET /2A4Qvqu HTTP/1.1 
Host: bit.ly
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: _bit=i2e5dg-af4bdd809bb2fabe1a-00H

                                         
                                         67.199.248.11
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Content-Length: 131
Connection: keep-alive
Cache-Control: private, max-age=90
Location: https://zapodaj.net/images/d142cb4c2a22e.png


--- Additional Info ---
Magic:  HTML document text
Size:   131
Md5:    3f32365830689e1b6bb3c72d695e51da
Sha1:   5836202d653940dea006ce3c7627b9c776a38fae
Sha256: 4e127fa7824c114ff2a57cb0620decf45e2475950cd053a633f3740e2d58a6e7
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.compreviews.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         160.153.93.105
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Wed, 14 Mar 2018 05:13:18 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 857
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   857
Md5:    a7393a0fc85bed30120e9bcc01cc3143
Sha1:   378c768f999d96594f1820f5470e9b5756590100
Sha256: 3bcebf611b3e5c56976b8f087b086bc1d94cbb93f793a0d5844bb9832fd36c74
                                        
                                            GET /?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=680A53C0-2746-11E8-8A08-3DE0EECF71E7 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://downloadgot.com/imp/5003
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2308
Md5:    e738cb139a484707ff6d42330c17302d
Sha1:   1a638517172e585beb0c88adb33cb5da2b976db3
Sha256: 709802a1f3c7bbf86ecb58b503503414d295b406f06ab63260c74cf123de673e
                                        
                                            GET /?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=680A9EC0-2746-11E8-920D-E36DE53B9EAC HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://downloadgot.com/imp/5010
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2312
Md5:    25dc3854f6e31597c74bdd1ec24e268e
Sha1:   df91a589654b0936fe24fe857359ab1d2b188b13
Sha256: 701111e8fd1e698d006fe61d3910a8efc098c4d36a8fab8bc3cd5e0b3588a541
                                        
                                            GET /?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=680AA570-2746-11E8-A80F-49E654287E36 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://downloadgot.com/imp/5000
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2312
Md5:    5e71137c95720f94f94e30a137b41c03
Sha1:   668a192c2b560b832dbee04eda9c5aa0872cd5d1
Sha256: 36da5b8c6aa7c14fa5a1d00ca9d0e2bdfcbda4549bc1108c3dae74bfbcc66cfa
                                        
                                            GET /?utm_term=6532664146532501003&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=680A53C0-2746-11E8-8A08-3DE0EECF71E7
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1748
Md5:    4ff4d0f1b4d3f423073e0bc3bd824e50
Sha1:   b35b7b14b8c5ed9fd3ad4738e8c2d6586c6462b1
Sha256: dbc7f7e4404a4effba0a3324506bed2f83bf15a2d4b687294cb2ded8a930302c
                                        
                                            GET /?utm_term=6532664146498946586&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5bb8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f346 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=680A9EC0-2746-11E8-920D-E36DE53B9EAC
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1748
Md5:    48064aad9ed7b1a6a38acfeb843ba637
Sha1:   c136fcfd6ec1127f2e85b96b29919bfea21548e5
Sha256: a08fd9b624c1facbe9d351e26039d476b7c9b1bbab2d74d9818da78f7d76a495
                                        
                                            GET /?utm_term=6532664146498946579&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=680AA570-2746-11E8-A80F-49E654287E36
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1750
Md5:    d29691c6924bcf615a8122764cc02e07
Sha1:   b859965956903ee8b35215624f763f14df8f1867
Sha256: 54cce4bbc361ddf5c3812bba569ca0e6fec040cd5c63be53e4f2b098fda79049
                                        
                                            GET /proc.php?57102a0b85de86e478a0a04ba8ef598cfe8a63bc HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664146532501003&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=oc&subid=6532664146532501003


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /proc.php?08dc67d00073c35adb8046864aa67837dbf65a7b HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664146498946586&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5bb8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f346
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=oc&subid=6532664146498946586


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /proc.php?4648dd98c7efaa8535968bc3fde8d67d0c6184d8 HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664146498946579&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         99.198.108.194
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 14 Mar 2018 05:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=oc&subid=6532664146498946579


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /redirect/962 HTTP/1.1 
Host: search-freeek.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.compreviews.net/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /images/4238a12901513.png HTTP/1.1 
Host: zapodaj.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /redirect?tid=690122&ref=adsmodern.com HTTP/1.1 
Host: gleaminist.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /freechat/random.php?wmcode=clickp-REVS-pop HTTP/1.1 
Host: www.soulcams.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clickpapa.com/d.php?id=11677&client=pub-4976

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/top_blue_left.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /redirect.aspx?pid=2871013&bid=27311&sref=FAST&FAST=1031012 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1031012&var=1016295

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/top_blue_icons.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /redirect?feed=99738&auth=KERSoL&query=austin+car+wreck+attorney HTTP/1.1 
Host: search.vertoz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /redirect?tid=689646&ref=adsmodern.com HTTP/1.1 
Host: gleaminist.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /?utm_medium=0a527c5857a8b3e7190d180e6e2ff4dc9cc480d3&cid=6794D160-2746-11E8-AD28-291B5D9AB24F HTTP/1.1 
Host: click.mylink-today.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://safelyawake.com/imp/5074
Cookie: u=75720faa1a7146ae767608ac10a8b3ad

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /banners/bxnqo9mu6/embed/index.html?t=1516886594&userId=33997741 HTTP/1.1 
Host: cdn.bannersnack.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /imagens/banner9/?u=mvmcpm&u3=21690620 HTTP/1.1 
Host: www.neobux.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://site-1337540-7289-4402.strikingly.com/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /detectIE-4ddbcca65e3d52fd931dfd192ece97d94f047339554e018759ef8c92e36e4488.js HTTP/1.1 
Host: static-assets.strikinglycdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://site-1337540-7289-4402.strikingly.com/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /images/fb_images/default.png HTTP/1.1 
Host: static-assets.strikinglycdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://site-1337540-7289-4402.strikingly.com/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /LjEkoa HTTP/1.1 
Host: goo.gl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /is4GLu HTTP/1.1 
Host: goo.gl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /cfKiVd HTTP/1.1 
Host: goo.gl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /NFKaCH HTTP/1.1 
Host: goo.gl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /Gg485p HTTP/1.1 
Host: goo.gl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /redirect?feed=115638&auth=Vn2mgZ&query={query} HTTP/1.1 
Host: xml.vokut.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /48jctj HTTP/1.1 
Host: goo.gl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /serve/valid.php?a=173&b=728x90&referr=&t=1521004321&c=cpmbux&e=2&f=0&h=cbbedfcecda HTTP/1.1 
Host: adsmodern.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adsmodern.com/serve/show.php?a=173&b=728x90
Cookie: __cfduid=df778a4bb4874959c25f1cc35e84b14921521004396

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/logo_center_01.jpg HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/no.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/center_blue_right.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/buttons/06.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/buttons/05.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/buttons/02.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/buttons/01.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/logo_right.jpg HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/buttons/04.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/rightside_top.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /in/active?sub1=(218259)-91353.7146945247 HTTP/1.1 
Host: btds.artplay.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.cpmbux.com/search.php?username=mkrichten&query=e-cards

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/buttons/03.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/logo_center_03.jpg HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/logo_center_02.jpg HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/marker.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/top_blue_right.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /title.jpg HTTP/1.1 
Host: list.jetswap.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?
Cookie: PHPSESSID=qua9r9vgen0nphip8upk5gqgj6

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /ban/hosted.gif HTTP/1.1 
Host: www.jethosting.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /j/i/center_blue_left.gif HTTP/1.1 
Host: dl3.jetswap.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://list.jetswap.com/?

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /images/d142cb4c2a22e.png HTTP/1.1 
Host: zapodaj.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /2A4Qvqu HTTP/1.1 
Host: bit.ly
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: _bit=i2e5dg-af4bdd809bb2fabe1a-00H

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /2Beuh9z HTTP/1.1 
Host: bit.ly
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mediacpm.pl/v.php?user=6432
Cookie: _bit=i2e5dg-af4bdd809bb2fabe1a-00H

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=oc&subid=6532664146532501003 HTTP/1.1 
Host: questionfly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664146532501003&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=oc&subid=6532664146498946586 HTTP/1.1 
Host: questionfly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664146498946586&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5bb8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f346

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=oc&subid=6532664146498946579 HTTP/1.1 
Host: questionfly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.mylink-today.com/?utm_term=6532664146498946579&clickverify=1&utm_content=fdc2c69a9cafac9c939496a19e9291a58b8bb8ccbecabcbd82b380b19b8184b5ba8bbab9bfbbbcbeb3b2b0b1b5b1b0bd9aaa98999e9f9c9da0a790a3a29794958c8a849a8befecedd3d2d7d7e6dfdcd0facbc8c9cecfcccdc2f3c0c1c6c7c4c5fafbf8f9fefffcfdf2f345

                                         
                                         0.0.0.0
                                        


--- Additional Info ---