Overview

URL bir.party/1689703372
IP104.238.167.6
ASNAS20473 Choopa, LLC
Location Germany
Report completed2017-08-22 19:39:49 +0200
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-08-22 2 www.clictrkid.com/tse/script.js Malware
2017-08-22 2 www.clictrkid.com/ack/75307661475F3246556E3354385F3344 Malware
2017-08-22 2 www.clictrkid.com/tse/tracking.js?v=2A45A1222D21A5173BC747E8296BAE2F691C6C8 (...) Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Files

No files detected



Passive DNS (0)

No passive DNS data



Recent reports on same IP/ASN/Domain

Last 5 reports on IP: 104.238.167.6

Date UQ / IDS / BL URL IP
2017-08-22 22:07:07 +0200
0 - 1 - 0 bir.party/ 104.238.167.6
2017-08-22 19:57:33 +0200
0 - 0 - 3 bir.party/1801388272 104.238.167.6
2017-08-22 19:37:29 +0200
0 - 0 - 3 bir.party/1492863256 104.238.167.6
2017-08-21 10:40:14 +0200
0 - 0 - 3 bir.party/1801388272 104.238.167.6
2017-08-21 10:38:50 +0200
0 - 0 - 0 bir.party/ 104.238.167.6

Last 10 reports on ASN: AS20473 Choopa, LLC

Date UQ / IDS / BL URL IP
2019-07-01 10:36:48 +0200
0 - 0 - 0 trackerislive.com/click.php?key=wknnw93h8p1jc (...) 208.167.245.65
2019-06-30 01:06:33 +0200
0 - 0 - 0 104.243.35.12 104.243.35.12
2019-06-30 00:51:35 +0200
0 - 0 - 0 justsomething.co/meet-wiley-the-dalmatian-pup (...) 66.55.146.115
2019-06-30 00:48:28 +0200
0 - 0 - 0 addsc.co 45.77.111.253
2019-06-27 16:54:47 +0200
0 - 0 - 0 negociosrecomendadosklob.com/wp-content/uploa (...) 108.61.95.50
2019-06-26 10:52:45 +0200
0 - 0 - 0 thembay.com 108.61.218.188
2019-06-26 03:15:28 +0200
0 - 0 - 0 artistryseries.com 45.32.217.182
2019-06-25 22:00:35 +0200
0 - 0 - 0 208.167.245.65/click.php?lp=1 208.167.245.65
2019-06-25 18:19:33 +0200
0 - 0 - 0 hupehome.com 104.207.133.9
2019-06-25 18:13:25 +0200
0 - 0 - 0 hupehome.com 104.207.133.9

Last 1 reports on domain: .

Date UQ / IDS / BL URL IP
2018-09-03 02:08:10 +0200
0 - 0 - 1 bir.party/ 198.54.117.200


JavaScript

Executed Scripts (20)


Executed Evals (2)

#1 JavaScript::Eval (size: 4936, repeated: 1) - SHA256: ac621fbce7c4c571f92ace8c4b86d4b7827fcb6d3479276849de547e7205b326

                                        function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = typeof(window.callPhantom) !== "undefined" || typeof(window._phantom) !== "undefined" ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof(navigator.sendBeacon) === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = typeof(navigator.geolocation) !== "undefined" ? 1 : 0
} catch (e) {
    QC.NG = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

                                        var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 552, repeated: 1) - SHA256: 55089c533a81751f710e74bbcb9266fa91451d2c4fac868bc1808e281087969c

                                        < br / > < p class = "formtc"
style = "font-family:sans-serif!important;color:#eeeeee!important;font-size: 11px!important; text-align:center;line-height:12px;" > By clicking the button above you indicate that you have read, understood and agreed to the < a target = "_blank"
href = "/terms-and-conditions.html"
style = "color:#eeeeee!important" > Terms Of Use < /a>, <a target="_blank" style="color:#eeeeee!important" href="/risk - disclaimer.html ">Risk Disclaimer</a> and <a target="
_blank " href=" / privacy - policy.html " style="
color: # eeeeee!important ">Privacy Policy</a>.</p>
                                    


HTTP Transactions (77)


Request Response
                                        
                                            GET /1689703372 HTTP/1.1 
Host: bir.party
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.238.167.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Tue, 22 Aug 2017 17:39:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   656
Md5:    2ce2bdb60d06f7e1bbf6cb3d061a2951
Sha1:   06c2324352b095892ea322a6bc82722af5dc3719
Sha256: 96c829346d92d8fae1d925a0db71fdaed16e490adcb772dbcb1161c887885383
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:12 GMT
Expires: Sat, 26 Aug 2017 17:39:12 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=529203, public, no-transform, must-revalidate
Last-Modified: Mon, 21 Aug 2017 20:37:41 GMT
Expires: Mon, 28 Aug 2017 20:37:41 GMT
Date: Tue, 22 Aug 2017 17:39:12 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    b0ddde9c1c935ee8f4d2f0c947b2a36a
Sha1:   90d0820166b6fb052885d2aafbc89db803bd40dc
Sha256: 83ac1aea948ade3b30b9ff5964550baa71bee7637d57f42dacffb9451f6c503b
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bir.party/1689703372

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 22 Aug 2017 16:50:02 GMT
Expires: Tue, 22 Aug 2017 18:50:02 GMT
Last-Modified: Thu, 17 Aug 2017 01:11:09 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 13472
Cache-Control: public, max-age=7200
Age: 2950
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   13472
Md5:    b9b86922042a652c2ab95127f5d56fb1
Sha1:   ab415059ac440b2dc5aa4618e99df56b4f648222
Sha256: 9984b80ed589c69864d7fa2d664e83db447b4cafc4b7beeeea3c14a0818b519f
                                        
                                            GET /r/collect?v=1&_v=j60&a=902547721&t=pageview&_s=1&dl=http%3A%2F%2Fbir.party%2F1689703372&ul=en-us&de=UTF-8&dt=Redirect&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAMQAI~&jid=1563301903&gjid=530039745&cid=1109456284.1503423553&tid=UA-74374389-1&_gid=1543314433.1503423553&_r=1&z=2007834197 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bir.party/1689703372

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 22 Aug 2017 17:39:13 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bir.party
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: _ga=GA1.2.1109456284.1503423553; _gid=GA1.2.1543314433.1503423553; _gat=1

                                         
                                         104.238.167.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Tue, 22 Aug 2017 17:39:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   656
Md5:    2ce2bdb60d06f7e1bbf6cb3d061a2951
Sha1:   06c2324352b095892ea322a6bc82722af5dc3719
Sha256: 96c829346d92d8fae1d925a0db71fdaed16e490adcb772dbcb1161c887885383
                                        
                                            GET /ad/33dc2458 HTTP/1.1 
Host: adjo.design
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         94.23.155.159
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.12.0
Date: Tue, 22 Aug 2017 17:39:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Sun, 01 Jan 2010 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: user_key=1511199553%7CutVI8EwXvEkJr5guN6PmV1gHN%2F3H5P0phwd4SQd%2F9xM%3D%7C0f2f42b43c89a5cc6884dbdc8d760a1a8d8a375d; path=/; expires=Mon, 20-Nov-2017 17:39:13 UTC visited.tracking.33dc2458=1503509953%7C4rYWTXXVZlvY7zQnKFGgwatOXriyEmtidKpj9cPgKs8%3D%7C80f75ee5db150adc83f75932a203de0cebe53e87; path=/; expires=Wed, 23-Aug-2017 17:39:13 UTC tracking.33dc2458=1503509953%7Cj3yNMPVtyEGkMCMs2B4yKTO5iwfnVYHGo3jOhLSNzeY%3D%7C7a07eeab9e84394c17e1afd96369f3d4d4b713c8; path=/; expires=Wed, 23-Aug-2017 17:39:13 UTC
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1365
Md5:    3cd7417361dcdf267b3350ed95c10980
Sha1:   3fb8860bbd5275a755bc81ecabd0f8e099242433
Sha256: e65cbdb15140d67b68e3b17f6f8f0f8662fc1d59eb17c7fe1dc078c4ca60cb3b
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adjo.design/ad/33dc2458
If-Modified-Since: Fri, 03 Oct 2014 00:48:42 GMT

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 22 Aug 2017 16:50:33 GMT
Expires: Tue, 22 Aug 2017 18:50:33 GMT
Last-Modified: Thu, 17 Aug 2017 01:11:09 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 13472
Cache-Control: public, max-age=7200
Age: 2921


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   13472
Md5:    b9b86922042a652c2ab95127f5d56fb1
Sha1:   ab415059ac440b2dc5aa4618e99df56b4f648222
Sha256: 9984b80ed589c69864d7fa2d664e83db447b4cafc4b7beeeea3c14a0818b519f
                                        
                                            GET /img/loading.gif HTTP/1.1 
Host: smart2cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adjo.design/ad/33dc2458

                                         
                                         104.27.158.189
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 22 Aug 2017 17:39:14 GMT
Content-Length: 9770
Connection: keep-alive
Set-Cookie: __cfduid=d4ecfa83cd227bf577acc5a7652bf16261503423554; expires=Wed, 22-Aug-18 17:39:14 GMT; path=/; domain=.smart2cdn.com; HttpOnly
Last-Modified: Tue, 22 Aug 2017 13:26:41 GMT
Etag: "599c3111-262a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 22 Aug 2018 17:39:14 GMT
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39279c3d402e42a9-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 64 x 64
Size:   9770
Md5:    5051a11ae64fc9cfc191528646a6676d
Sha1:   2c71cd9ac89c39cec91249ee6be3426b344efa97
Sha256: ec4015937da849d624a4fdeb8275f3c20594d6b6b26182386a18a04989e511b7
                                        
                                            GET /js/injection.js HTTP/1.1 
Host: smart2cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adjo.design/ad/33dc2458

                                         
                                         104.27.158.189
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 22 Aug 2017 17:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6fe4c48fecae156dc4da0e5adbe90a381503423554; expires=Wed, 22-Aug-18 17:39:14 GMT; path=/; domain=.smart2cdn.com; HttpOnly
Last-Modified: Tue, 22 Aug 2017 13:26:41 GMT
Etag: W/"599c3111-5ba2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 22 Aug 2018 17:39:14 GMT
Cache-Control: public, max-age=31536000
Server: cloudflare-nginx
CF-RAY: 39279c3d356a42c1-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6875
Md5:    134ef219aaa8c2854dfbc8ff539fd071
Sha1:   0d0801efe3a03eef10c7947fe060e714c7884309
Sha256: 624c953fdfb5dedac954313a03b963dbd1a4d18ce48db51a550f1ef5f6d906ea
                                        
                                            GET /ico/1489172516.ico HTTP/1.1 
Host: smart2cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.27.158.189
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 22 Aug 2017 17:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dec182d0930b9285918250c8cbd2fd3fb1503423554; expires=Wed, 22-Aug-18 17:39:14 GMT; path=/; domain=.smart2cdn.com; HttpOnly
Last-Modified: Tue, 22 Aug 2017 13:26:41 GMT
Etag: W/"599c3111-5a596"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 22 Aug 2018 17:39:14 GMT
Cache-Control: public, max-age=31536000
Server: cloudflare-nginx
CF-RAY: 39279c3d35d44255-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12224
Md5:    672d2214c2491c73afd1cc47ba2a4494
Sha1:   e4d2a3b30c3c20279743b2d8e8921a0e88718c5c
Sha256: d0289b66db49c58f9e51c7420d0bec479b769e0278622b88dc7bf8ce04f15c48
                                        
                                            GET /r/collect?v=1&_v=j60&a=970186681&t=pageview&_s=1&dl=http%3A%2F%2Fadjo.design%2Fad%2F33dc2458&dp=%2Fad%2F33dc2458%23373&ul=en-us&de=UTF-8&dt=Wait%20a%20second...&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAEQAI~&jid=1852238687&gjid=542351859&cid=1651262848.1503423554&tid=UA-74349022-2&_gid=1635848631.1503423554&_r=1&z=109968736 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adjo.design/ad/33dc2458

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 22 Aug 2017 17:39:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /ad/854445db?aff_id=55302 HTTP/1.1 
Host: adjo.design
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adjo.design/ad/33dc2458
Cookie: user_key=1511199553%7CutVI8EwXvEkJr5guN6PmV1gHN%2F3H5P0phwd4SQd%2F9xM%3D%7C0f2f42b43c89a5cc6884dbdc8d760a1a8d8a375d; visited.tracking.33dc2458=1503509953%7C4rYWTXXVZlvY7zQnKFGgwatOXriyEmtidKpj9cPgKs8%3D%7C80f75ee5db150adc83f75932a203de0cebe53e87; tracking.33dc2458=1503509953%7Cj3yNMPVtyEGkMCMs2B4yKTO5iwfnVYHGo3jOhLSNzeY%3D%7C7a07eeab9e84394c17e1afd96369f3d4d4b713c8; _ga=GA1.2.1651262848.1503423554; _gid=GA1.2.1635848631.1503423554; _gat=1

                                         
                                         94.23.155.159
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.12.0
Date: Tue, 22 Aug 2017 17:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Sun, 01 Jan 2010 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: user_key=1511199554%7CBxByV6Sqv%2Fi5yUmsAe4Xbk%2BNJKDiFcWose2h6hZvu8k%3D%7C5be04d8b0975df34515f5b65292d52b89c53d593; path=/; expires=Mon, 20-Nov-2017 17:39:14 UTC visited.tracking.854445db=1503509954%7C7NfPcbDWiXU50xv0f8CAyRZ3KFWUh8svFbQAuKo0VxU%3D%7Cb69d0c349426bf7f5e546128d6c28f250b30732a; path=/; expires=Wed, 23-Aug-2017 17:39:14 UTC tracking.854445db=1503509954%7CgMQeDvdJ1jQ09wDYzt7gYUNdsPrxqX5bxrZ0wpMshqM%3D%7C04a2ad65aca339c0402f6be54b531735a6fe59e0; path=/; expires=Wed, 23-Aug-2017 17:39:14 UTC
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1489
Md5:    bfd9dee0769aca181a4c298ae993cc6c
Sha1:   d66fd87bb7c21093f36d47f03f670f594ccfd4d6
Sha256: 7bca997628da8adf5fcec2f11a8eba58820c3a105ea48fc51d9b2aac0df9b7af
                                        
                                            GET /collect?v=1&_v=j60&a=2082838712&t=pageview&_s=1&dl=http%3A%2F%2Fadjo.design%2Fad%2F854445db%3Faff_id%3D55302&dp=%2Fad%2F854445db%23721&ul=en-us&de=UTF-8&dt=Wait%20a%20second...&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=AACAAEQAI~&jid=&gjid=&cid=1651262848.1503423554&tid=UA-74349022-2&_gid=1635848631.1503423554&z=1967576760 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adjo.design/ad/854445db?aff_id=55302

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Thu, 17 Aug 2017 22:53:27 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 413147


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /afu.php?zoneid=1310063&var=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw HTTP/1.1 
Host: frstlead.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://adjo.design/ad/854445db?aff_id=55302

                                         
                                         194.187.98.182
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 22 Aug 2017 17:39:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Wed, 23-Aug-2017 17:39:15 GMT; Max-Age=86400; path=/ OAGEO5580f=12%7CNO%7C03%7COSLO%7CXDSL%7CPOWERTECH+INFORMATION+SYSTEMS+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Wed, 23-Aug-2017 17:39:15 GMT; Max-Age=86400; path=/ oaidts=1503423555; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/ OAID=26580a30a90a00169c475193e346fc0a; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/ OXVAR=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw; expires=Wed, 23-Aug-2017 17:39:15 GMT; Max-Age=86400; path=/ OAID=26580a30a90a00169c475193e346fc0a; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/ pbk2=369c518107d771a1c2d308c245638eeb6457155002468461451; expires=Tue, 22-Aug-2017 17:49:15 GMT; Max-Age=600 ltm_afu=1; expires=Wed, 23-Aug-2017 17:39:15 GMT; Max-Age=86400; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4293
Md5:    faa3db1069887b193f2ebec0b5a075df
Sha1:   85e9f02a84fad58c4c4f0e4f974d9f0d5e0fc714
Sha256: 0984c73647e87bc5ea9cd051dfdb7ad9e8d17b4f5dd56b460fe47d4727d0d0ac
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: frstlead.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=12%7CNO%7C03%7COSLO%7CXDSL%7CPOWERTECH+INFORMATION+SYSTEMS+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1503423555; OAID=26580a30a90a00169c475193e346fc0a; OXVAR=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw; pbk2=369c518107d771a1c2d308c245638eeb6457155002468461451; ltm_afu=1

                                         
                                         194.187.98.182
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Tue, 22 Aug 2017 17:39:15 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /?r=%2Fmb%2Fhan&zoneid=1310063&pbk2=369c518107d771a1c2d308c245638eeb6457155002468461451&var=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw&uuid=d1398170-b079-48de-8c87-18136b84c14e&ad_scheme=1&ab=238&rotation_type=2&ppucounter=0&first_visit=0&on_test=0&offer_views=0&adparams=bm9qcz0wJnNhdmVkX3JlZmVyZXI9aHR0cCUzQSUyRiUyRmFkam8uZGVzaWduJTJGYWQlMkY4NTQ0NDVkYiUzRmFmZl9pZCUzRDU1MzAy&x=1176&y=754&sw=1176&sh=885&wx=-4&wy=-4&ww=1184&wh=863&wiw=1176&wih=754&wfc=0&pl=http%3A%2F%2Ffrstlead.com%2Fafu.php%3Fzoneid%3D1310063%26var%3DbGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw&drf=http%3A%2F%2Fadjo.design%2Fad%2F854445db%3Faff_id%3D55302&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&id=0e5c4cf438f92e77a69e504717834421&co=1&rf=1&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&timeout=0 HTTP/1.1 
Host: frstlead.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://frstlead.com/afu.php?zoneid=1310063&var=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw
Cookie: SeenToday=1; OAGEO5580f=12%7CNO%7C03%7COSLO%7CXDSL%7CPOWERTECH+INFORMATION+SYSTEMS+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1503423555; OAID=26580a30a90a00169c475193e346fc0a; OXVAR=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw; pbk2=369c518107d771a1c2d308c245638eeb6457155002468461451; ltm_afu=1

                                         
                                         194.187.98.182
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 22 Aug 2017 17:39:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=89KsVUbUAzW7MgxhILEmPDOwQjRBc-X8ksrS8tCGG7c; expires=Tue, 29-Aug-2017 17:39:15 GMT; Max-Age=604800 OAGEO5580f=12%7CNO%7C03%7COSLO%7CXDSL%7CPOWERTECH+INFORMATION+SYSTEMS+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Wed, 23-Aug-2017 17:39:15 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Wed, 23-Aug-2017 17:39:15 GMT; Max-Age=86400; path=/ ppucntstart=1503423555; expires=Wed, 23-Aug-2017 17:39:15 GMT; Max-Age=86400; path=/ allcnt=1; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/ OAID=26580a30a90a00169c475193e346fc0a; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/ _OACCAP[919684]=1; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/ _OACBLOCK[919684]=1503423555; expires=Thu, 21-Sep-2017 17:39:15 GMT; Max-Age=2592000; path=/ _OXCCLK[919684]=1; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/ _OXPCLK[91529]=1; expires=Wed, 22-Aug-2018 17:39:15 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://fastcloudway.com/ts/47766A66593375796B46305F3344?utm_source=1310063&utm_medium=pp&xzoneid=366980490032


--- Additional Info ---
                                        
                                            GET /ts/47766A66593375796B46305F3344?utm_source=1310063&utm_medium=pp&xzoneid=366980490032 HTTP/1.1 
Host: fastcloudway.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://frstlead.com/afu.php?zoneid=1310063&var=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw

                                         
                                         130.211.9.122
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Pragma: no-cache
Expires: 0
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://frstlead.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
X-AspNetMvc-Version: 5.2
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-AspNet-Version: 4.0.30319
Set-Cookie: jdha8jd=76a793904eac064d366b91a6f1d38df8ae86197a791b200f4e; expires=Fri, 17-Aug-2018 17:39:15 GMT; path=/ unq_1177000=2017-08-22T17:39:15; path=/ dksd92=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA; expires=Mon, 20-Nov-2017 17:39:15 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:14 GMT
Content-Length: 205
Via: 1.1 google


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   205
Md5:    31f5f83434fdc36de2d7382896958e4f
Sha1:   0d8efc5fa3ff0415098a836431f39d340d6f7c2b
Sha256: 5fe946fdaf63b839bcab5e5eed13bd20bc18a5b028eb23c1389ddda1a386e161
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: fastcloudway.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: jdha8jd=76a793904eac064d366b91a6f1d38df8ae86197a791b200f4e; unq_1177000=2017-08-22T17:39:15; dksd92=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA

                                         
                                         130.211.9.122
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:14 GMT
Content-Length: 1245
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1245
Md5:    5343c1a8b203c162a3bf3870d9f50fd4
Sha1:   04b5b886c20d88b57eea6d8ff882624a4ac1e51d
Sha256: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
                                        
                                            GET /lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013 HTTP/1.1 
Host: www.theprofitsmaker.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         198.232.125.32
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 22 Aug 2017 17:39:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Feb 2017 14:26:48 GMT
Etag: W/"58a5b6a8-2758"
Server: NetDNA-cache/2.2
Expires: Wed, 23 Aug 2017 17:39:15 GMT
Cache-Control: max-age=86400
X-Cache: MISS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3412
Md5:    bfa0be4dc39c8dcb96277e2fefc57ed4
Sha1:   46403887d67924c331dadc55e136ab72b38b700c
Sha256: 6e0f929bb141c36b5f287ff6b14aa762e6363f865233215a986a878cf7d35f79
                                        
                                            GET /lp/pm.css HTTP/1.1 
Host: www.theprofitsmaker.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         198.232.125.32
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 22 Aug 2017 17:39:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 May 2016 16:56:47 GMT
Etag: W/"572a29cf-27c1"
Server: NetDNA-cache/2.2
Expires: Wed, 23 Aug 2017 17:39:15 GMT
Cache-Control: max-age=86400
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2781
Md5:    259a0712d1ef1f2e1bb28add0f15f221
Sha1:   3c68746e6149a5429dc266642bea9cca0a61cfb3
Sha256: cfd60ec7317eae6ebd35ed10724f72817b0f8c168992dc26abc8d5ec9ff81d27
                                        
                                            GET /5.8.0/video-js.css HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         151.101.84.207
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 07 Mar 2016 20:30:18 GMT
Etag: "0767d1bc98321ca07f040614f6280085"
Content-Encoding: gzip
Content-Length: 13366
Date: Tue, 22 Aug 2017 17:39:15 GMT
Connection: keep-alive
X-Served-By: cache-bma7031-BMA
X-Cache: HIT
X-Cache-Hits: 10
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13366
Md5:    ca7d6967a8dd5ac2b851fd8d394f58ed
Sha1:   d65850e20bb3449865a34f6113c46ff6e3b87a2a
Sha256: ad2f7cf78933e32e10c19c178991ccf2088687c50ce16db389c3c6cf9b89f620
                                        
                                            GET /ie8/1.1.2/videojs-ie8.min.js HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         151.101.84.207
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 10 Feb 2016 20:27:09 GMT
Etag: "2ff9bb22f0b1789ac170247b0825488f"
Content-Encoding: gzip
Content-Length: 8924
Date: Tue, 22 Aug 2017 17:39:15 GMT
Connection: keep-alive
X-Served-By: cache-bma7033-BMA
X-Cache: HIT
X-Cache-Hits: 56746
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8924
Md5:    c1f1df0d15c6c2385354cd6f1d55ac90
Sha1:   29d75b7acb3856360eaf22df07d5d8fe8e9917db
Sha256: 8fb2e6f24918cbce5dc1984062388d8d2a2191bf107606bedbae6e2f4451b151
                                        
                                            GET /video.css HTTP/1.1 
Host: www.algocashmaster.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         94.31.29.128
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 May 2016 17:02:51 GMT
Etag: W/"572a2b3b-1297"
Server: NetDNA-cache/2.2
Expires: Wed, 23 Aug 2017 17:39:16 GMT
Cache-Control: max-age=86400
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1423
Md5:    5ea47db206d244d53e48f1d25380f4ef
Sha1:   c4f48e0396070cd0b14d53402572fca478a3d8fe
Sha256: 9c7d74474687a84ca52fb4fd9709d46cd0730b70a0e11a74c7c3a470004b936e
                                        
                                            GET /lp/stno/img/logo.png HTTP/1.1 
Host: www.theprofitsmaker.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         198.232.125.32
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 22 Aug 2017 17:39:15 GMT
Content-Length: 42847
Connection: keep-alive
Last-Modified: Wed, 04 May 2016 16:59:03 GMT
Etag: "572a2a57-a75f"
Server: NetDNA-cache/2.2
Expires: Wed, 23 Aug 2017 17:39:15 GMT
Cache-Control: max-age=86400
X-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 275 x 142, 8-bit/color RGBA, non-interlaced
Size:   42847
Md5:    b545f31d0ea9162e710dbe0eab5c660d
Sha1:   eed3fea073f0dfe670d3f1855f2cd2ee25a2dbd4
Sha256: 38f9247702828c67e7f0743777280bcf21e8c42ea809665e51edd200472c21d1
                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         108.177.14.95
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 33434
Date: Wed, 16 Aug 2017 22:06:19 GMT
Expires: Thu, 16 Aug 2018 22:06:19 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 502377


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   33434
Md5:    e4bb941e9945e6b8fc2c91584e0545e2
Sha1:   8ac8f5fbba79ab93ff34041cf41ed30b0487354d
Sha256: d5aef23e26c649450ee31e6d65fe05937d337e1e91efdc884893e9f2b1e89971
                                        
                                            GET /5.8.0/video.js HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         151.101.84.207
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 07 Mar 2016 20:30:19 GMT
Etag: "5862b4eeaa1d01a08d76baf058325ef5"
Content-Encoding: gzip
Content-Length: 150932
Date: Tue, 22 Aug 2017 17:39:16 GMT
Connection: keep-alive
X-Served-By: cache-bma7032-BMA
X-Cache: HIT
X-Cache-Hits: 3
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   150932
Md5:    f5d4886d09c9dc4eab6bfc5896ed09cd
Sha1:   eaf637ba56a238f9c8bb49aa9b18458edf26ea34
Sha256: 2bdf7cf16aa1cacfc5403680ddc5ba67e753d3d27df7e8f43dc675892ec83cec
                                        
                                            GET /tse/script.js HTTP/1.1 
Host: www.clictrkid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         130.211.9.122
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://www.theprofitsmaker.net, *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:16 GMT
Content-Length: 1459
Via: 1.1 google


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   1459
Md5:    a176b11e8f0e0ba32a8c31575ae6af41
Sha1:   e218375a3d85040aea44ffe7d97266ed49a04493
Sha256: 42c7b74afd4b7d29d0f102d2f454ce42f8fc934953f15535dad967769f42b3ee

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /B2439_A41266_TClick.aspx HTTP/1.1 
Host: partners.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: http://partners.etoro.com/aw.aspx?B=2439&A=41266&Task=Click
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:15 GMT
X-Cnection: close
Content-Length: 190
X-Frame-Options: SAMEORIGIN
Set-Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; expires=Wed, 22 Aug 2018 10:00:04 GMT; path=/; Domain=.etoro.com incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; path=/; Domain=.etoro.com ___utmvmiyuORYI=tRhVqviIACo; path=/; Max-Age=900 ___utmvaiyuORYI=BTwnHSa; path=/; Max-Age=900 ___utmvbiyuORYI=uZV XCBOYalo: xtT; path=/; Max-Age=900
X-Iinfo: 11-19761213-19754058 PNNN RT(1503423555069 0) q(0 0 0 0) r(1 1) U11
X-CDN: Incapsula


--- Additional Info ---
Magic:  HTML document text
Size:   190
Md5:    2368be595957495c541fe241a831f714
Sha1:   325aa032bbe8b47b4089540909c24eaaa5be1b9a
Sha256: 160dd29d216936fce8764101d2477271c24ebc58c03ae97e234fd01174ab3fb7
                                        
                                            GET /tcmodal/tcdark.js HTTP/1.1 
Host: staticjs.obox.netdna-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         198.232.127.32
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Last-Modified: Thu, 07 Jul 2016 07:09:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"577e002e-b02"
Server: NetDNA-cache/2.2
Expires: Tue, 22 Aug 2017 17:39:16 GMT
Cache-Control: max-age=0
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1224
Md5:    dbeae069499948393e49f9b18d03e145
Sha1:   ce643db3693ad5ece2e74c918c6c6ffbc0e609ea
Sha256: 63f490e479e41617bd035835c74141920562ce0e960735ae08967879c42e95a9
                                        
                                            GET /lp/stno/img/smlogos.png HTTP/1.1 
Host: www.theprofitsmaker.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         198.232.125.32
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Content-Length: 6086
Connection: keep-alive
Last-Modified: Wed, 04 May 2016 16:59:03 GMT
Etag: "572a2a57-17c6"
Server: NetDNA-cache/2.2
Expires: Wed, 23 Aug 2017 17:39:16 GMT
Cache-Control: max-age=86400
X-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 402 x 28, 8-bit colormap, non-interlaced
Size:   6086
Md5:    cb0ba356e5961a7cd54ef8d0d356f3ef
Sha1:   a8a9e74b032c82ee0430e1a5239022c2f4881c31
Sha256: 1b6c3ab75d8fef117a7939856ac0ea309f8e4a0c6b82e103ec87d47fe6f91bc2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Server: Apache
Last-Modified: Mon, 21 Aug 2017 21:40:11 GMT
Expires: Mon, 28 Aug 2017 21:40:11 GMT
Etag: 357DE41AB76BCC439BED78E45339DFCA50D5743C
Cache-Control: max-age=532254,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp7
Content-Length: 472
Connection: close

                                        
                                            GET /aw.aspx?B=2439&A=41266&Task=Click HTTP/1.1 
Host: partners.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; ___utmvmiyuORYI=tRhVqviIACo; ___utmvaiyuORYI=BTwnHSa; ___utmvbiyuORYI=uZV XCBOYalo: xtT

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
                                        
Cache-Control: private
Content-Length: 0
Location: http://pages.etoro.com/lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
P3P: CP=`NOI DSP COR NID ADMa OPTa OUR NOR`
Set-Cookie: ASP.NET_SessionId=25vn2djwhlw0wwktdiqriowf; path=/; HttpOnly AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:16 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; domain=.etoro.com; expires=Sat, 21-Oct-2017 00:00:00 GMT; path=/ RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click; domain=.etoro.com; expires=Thu, 21-Sep-2017 00:00:00 GMT; path=/ visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; expires=Wed, 22 Aug 2018 10:00:06 GMT; path=/; Domain=.etoro.com incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; path=/; Domain=.etoro.com ___utmvbiyuORYI=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT ___utmvaiyuORYI=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT ___utmvmiyuORYI=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:15 GMT
X-Cnection: close
X-Frame-Options: SAMEORIGIN
X-Iinfo: 3-5258558-5258559 NNNN CT(0 -1 0) RT(1503423555195 2) q(0 0 0 -1) r(1 1) U11
X-CDN: Incapsula


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Server: Apache
Last-Modified: Sat, 19 Aug 2017 22:42:46 GMT
Expires: Sat, 26 Aug 2017 22:42:46 GMT
Etag: E36C837690508D25CBFDECDD5664E2E14FCAB20C
Cache-Control: max-age=363209,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp7
Content-Length: 727
Connection: close

                                        
                                            GET /vod/obmvod.obox/vod/www-back/global/video-main.js HTTP/1.1 
Host: p.obmvod.obox.netdna-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         50.97.71.227
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Content-Length: 4742
Last-Modified: Thu, 03 Aug 2017 14:17:59 GMT
Connection: keep-alive
Etag: "59833097-1286"
Server: NetDNA-cache/2.2
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   4742
Md5:    30731cc233115f43753773d5393b5cb6
Sha1:   e772d045f960a4cf209af0b83b35b927236c0f7b
Sha256: 79e17d2e70df55e9af74f74b1a5e3be2acefc1080429a5f614400dd0bf477f83
                                        
                                            GET /lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:16 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
                                        
Location: https://pages.etoro.com/lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html
Content-Length: 0
Connection: close


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Server: Apache
Last-Modified: Sat, 19 Aug 2017 22:42:46 GMT
Expires: Sat, 26 Aug 2017 22:42:46 GMT
Etag: 1C5824DB98377D1938828F94DEAC15C7EE5A0384
Cache-Control: max-age=363209,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp36
Content-Length: 471
Connection: close

                                        
                                            GET /ajax/libs/sweetalert/1.1.3/sweetalert.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         104.19.195.102
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:46:48 GMT
Expires: Sun, 12 Aug 2018 17:39:16 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 39279c4b79b74261-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3181
Md5:    2298deba1b34c99ac7c4ada90de626e6
Sha1:   59d10528931985b1a138d2a39d72339310e90b29
Sha256: 6e7fab4ca015214efb518c5b81748ed97e06172a67506d1acf226d9a19330b78
                                        
                                            GET /ajax/libs/sweetalert/1.1.3/sweetalert.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         104.19.195.102
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:46:48 GMT
Expires: Sun, 12 Aug 2018 17:39:16 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 39279c4b8a46426d-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5428
Md5:    b72ce7376f0777590a34d1ceb716ac43
Sha1:   caeed7eb7eeb2893ce3f6b915de56a5cd3d84d5f
Sha256: 569c4718cba953bd09c42f6087852c974f397951d63570e09a1db44b16fd6720
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Expires: Sat, 26 Aug 2017 17:39:16 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Server: Apache
Last-Modified: Tue, 22 Aug 2017 13:41:00 GMT
Expires: Tue, 29 Aug 2017 13:41:00 GMT
Etag: 7091E3F2754AF6F272E39CBE9B30B716BA311617
Cache-Control: max-age=589903,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp7
Content-Length: 472
Connection: close

                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:16 GMT
Server: Apache
Last-Modified: Sat, 19 Aug 2017 22:42:46 GMT
Expires: Sat, 26 Aug 2017 22:42:46 GMT
Etag: FF3A222A6B564AE71C47DCC19AD8B33F65E9089B
Cache-Control: max-age=363209,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp36
Content-Length: 727
Connection: close

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Tue, 22 Aug 2017 17:39:16 GMT
Etag: "599c1a75-1d7"
Expires: Tue, 29 Aug 2017 05:39:16 GMT
Last-Modified: Tue, 22 Aug 2017 11:50:13 GMT
Server: ECS (arn/45E2)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Tue, 22 Aug 2017 17:39:16 GMT
Etag: "599c07dd-1d7"
Expires: Tue, 29 Aug 2017 05:39:16 GMT
Last-Modified: Tue, 22 Aug 2017 10:30:53 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css?family=Montserrat:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         64.233.161.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 22 Aug 2017 17:39:16 GMT
Date: Tue, 22 Aug 2017 17:39:16 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   276
Md5:    108e99b5339d400c0204bd3adc7fb601
Sha1:   1b9b1aa0c89cccd285c97d87c546543638cfce8c
Sha256: a0e55320b4a4a479cdf51ea2dd2b510486c6857818253311edc569958192d3bd
                                        
                                            POST / HTTP/1.1 
Host: gv.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 102
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1412
Content-Transfer-Encoding: binary
Cache-Control: max-age=497536, public, no-transform, must-revalidate
Last-Modified: Mon, 21 Aug 2017 11:47:12 GMT
Expires: Mon, 28 Aug 2017 11:47:12 GMT
Date: Tue, 22 Aug 2017 17:39:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1412
Md5:    f9e6f0a6e60e84974f500076db37ac8e
Sha1:   4ef60ca7a8b49f95e763f401a3c7142197bab0bf
Sha256: 29293f9ef3fce522f6d8922e84bd919acd8ccd5c67f95d209889a1a342ef2e37
                                        
                                            GET /lp/img/bg.jpg HTTP/1.1 
Host: www.theprofitsmaker.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/pm.css

                                         
                                         198.232.125.32
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 22 Aug 2017 17:39:17 GMT
Content-Length: 22136
Connection: keep-alive
Last-Modified: Wed, 04 May 2016 16:56:53 GMT
Etag: "572a29d5-5678"
Server: NetDNA-cache/2.2
Expires: Wed, 23 Aug 2017 17:39:17 GMT
Cache-Control: max-age=86400
X-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   22136
Md5:    64ec0f1fa6f3966db918b0c28e46b15d
Sha1:   cac0034b06e102370e8f01ea4d87b4d8d331d55b
Sha256: c6b15c0462306aad9674577199ad765895f8ae4f762368f8c1c9bf35bc0d6174
                                        
                                            GET /ack/75307661475F3246556E3354385F3344 HTTP/1.1 
Host: www.clictrkid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         130.211.9.122
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: http://toij.directclicksonly.com:80/ack/75307661475F3246556E3354385F3344?rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://www.theprofitsmaker.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:16 GMT
Content-Length: 238
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text
Size:   238
Md5:    12e67592742abe5b1e0486c8adc4918b
Sha1:   ab8576cf8b07aeea07e647e352ae5c49d36e9f46
Sha256: 332ee40a50aa6601efbcbca02bed57698e18e59df4797a2acc6bc1e8e6b67d0e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bir.party
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: _ga=GA1.2.1109456284.1503423553; _gid=GA1.2.1543314433.1503423553; _gat=1

                                         
                                         104.238.167.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Tue, 22 Aug 2017 17:39:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   656
Md5:    2ce2bdb60d06f7e1bbf6cb3d061a2951
Sha1:   06c2324352b095892ea322a6bc82722af5dc3719
Sha256: 96c829346d92d8fae1d925a0db71fdaed16e490adcb772dbcb1161c887885383
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: frstlead.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=12%7CNO%7C03%7COSLO%7CXDSL%7CPOWERTECH+INFORMATION+SYSTEMS+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1503423555; OAID=26580a30a90a00169c475193e346fc0a; OXVAR=bGd5RHdOb3psa1BNc3A0WFZ4aW9EMkFqaEwvVjBOVjBrUE9WT2Iyd3hIMVJrb1psdWE3MGJKaGU3SGFmRE1TYw; pbk2=369c518107d771a1c2d308c245638eeb6457155002468461451; ltm_afu=1; f3d5bb63c9dbdcfb475795d659c65a4e=89KsVUbUAzW7MgxhILEmPDOwQjRBc-X8ksrS8tCGG7c; ppucnt=1; ppucntstart=1503423555; allcnt=1; _OACCAP[919684]=1; _OACBLOCK[919684]=1503423555; _OXCCLK[919684]=1; _OXPCLK[91529]=1

                                         
                                         194.187.98.182
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Tue, 22 Aug 2017 17:39:17 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: fastcloudway.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: jdha8jd=76a793904eac064d366b91a6f1d38df8ae86197a791b200f4e; unq_1177000=2017-08-22T17:39:15; dksd92=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA

                                         
                                         130.211.9.122
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:16 GMT
Content-Length: 1245
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1245
Md5:    5343c1a8b203c162a3bf3870d9f50fd4
Sha1:   04b5b886c20d88b57eea6d8ff882624a4ac1e51d
Sha256: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
                                        
                                            GET /tcmodal/tcmodal.css?v=1.2 HTTP/1.1 
Host: staticjs.obox.netdna-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         198.232.127.32
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 22 Aug 2017 17:39:17 GMT
Last-Modified: Mon, 27 Jun 2016 10:38:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"57710212-58b"
Server: NetDNA-cache/2.2
Expires: Tue, 22 Aug 2017 17:39:17 GMT
Cache-Control: max-age=0
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   545
Md5:    4d52c94ec710b63770a03a083d18795c
Sha1:   8b605a07e923eda4d017517462670575ebba48ec
Sha256: 77fc596bc0fa86c4bda9ec8c86e9c65f275cf891ac87358e89d6b68cbc2e4014
                                        
                                            GET /ack/75307661475F3246556E3354385F3344?rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA HTTP/1.1 
Host: toij.directclicksonly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         130.211.9.122
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://www.theprofitsmaker.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:42 GMT
Content-Length: 253
Via: 1.1 google


--- Additional Info ---
Magic:  exported SGML document text
Size:   253
Md5:    9eec67491961a21d663a8d64e98e4118
Sha1:   d4100c15fa54814ed8d436749449698a9b1010a1
Sha256: 0b262167600c2492aa61a341aa3aa72c90d573ab46d93d3d10991e03716ca507
                                        
                                            GET /tse/tracking.js?v=2A45A1222D21A5173BC747E8296BAE2F691C6C8F1B0488A8345C3AC7A7311C2F HTTP/1.1 
Host: www.clictrkid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         130.211.9.122
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://www.theprofitsmaker.net, *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:17 GMT
Content-Length: 34771
Via: 1.1 google


--- Additional Info ---
Magic:  ASCII English text, with very long lines, with CRLF, LF line terminators
Size:   34771
Md5:    cc9edb7a8ee466b096aa798ad4cfc27b
Sha1:   63d6b98d6162cdd52aefd4f75d0d7d024a526629
Sha256: 2a45a1222d21a5173bc747e8296bae2f691c6c8f1b0488a8345c3ac7a7311c2f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /B2439_A41266_TClick.aspx HTTP/1.1 
Host: partners.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; ASP.NET_SessionId=25vn2djwhlw0wwktdiqriowf; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:16 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: http://partners.etoro.com/aw.aspx?B=2439&A=41266&Task=Click
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:16 GMT
X-Cnection: close
Content-Length: 190
X-Frame-Options: SAMEORIGIN
X-Iinfo: 11-19761213-19754058 SNNN RT(1503423555069 1573) q(0 0 0 -1) r(0 0) U11
X-CDN: Incapsula


--- Additional Info ---
Magic:  HTML document text
Size:   190
Md5:    2368be595957495c541fe241a831f714
Sha1:   325aa032bbe8b47b4089540909c24eaaa5be1b9a
Sha256: 160dd29d216936fce8764101d2477271c24ebc58c03ae97e234fd01174ab3fb7
                                        
                                            GET /tr/?id=1806130083042847&ev=system&rl=&if=false&ts=1486557238696&cd%5Bsystemname%5D=profitsmaker-NO&v=2.5.1 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         31.13.66.36
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 22 Aug 2017 17:39:17 GMT
Expires: Tue, 22 Aug 2017 17:39:17 GMT
Last-Modified: Fri, 21 Dec 2012 00:00:01 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: fr=0iVRLFeVseNSKVRnD..BZnGxF...1.0.BZnGxF.; expires=Monday, 20-Nov-2017 17:39:17 GMT; path=/; domain=.facebook.com; HttpOnly; secure
Server: proxygen
Connection: keep-alive
Content-Length: 44


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
                                        
                                            GET /aw.aspx?B=2439&A=41266&Task=Click HTTP/1.1 
Host: partners.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; ASP.NET_SessionId=25vn2djwhlw0wwktdiqriowf; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:16 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
                                        
Cache-Control: private
Content-Length: 0
Location: http://pages.etoro.com/lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
P3P: CP=`NOI DSP COR NID ADMa OPTa OUR NOR`
Set-Cookie: AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:17 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; domain=.etoro.com; expires=Sat, 21-Oct-2017 00:00:00 GMT; path=/ RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click; domain=.etoro.com; expires=Thu, 21-Sep-2017 00:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:17 GMT
X-Cnection: close
X-Frame-Options: SAMEORIGIN
X-Iinfo: 3-5258558-5258559 SNNN RT(1503423555195 1818) q(0 0 0 -1) r(0 0) U11
X-CDN: Incapsula


--- Additional Info ---
                                        
                                            GET /lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:16 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 22 Aug 2017 17:39:24 GMT
Server: Apache
Location: https://pages.etoro.com/lp/welcome/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html
Content-Length: 418
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Set-Cookie: visid_incap_773285=0IdWYuHzTiu7+nkt9fcnEkVsnFkAAAAAQUIPAAAAAABrnTzMPAVivzKKHOkbJ043; expires=Wed, 22 Aug 2018 10:00:04 GMT; path=/; Domain=.etoro.com nlbi_773285=EjUtO1KCrx3jDPRBcVNDdAAAAAB8ilB3YstiljguflHSvOca; path=/; Domain=.etoro.com incap_ses_723_773285=iWIwXvoTkDo9Pq3/vZwICkVsnFkAAAAAy4/Tju+8Gv8fWG32PlIk/A==; path=/; Domain=.etoro.com ___utmvmiyuOIsS=evWtCdWXfhf; path=/; Max-Age=900 ___utmvaiyuOIsS=CnpGKNI; path=/; Max-Age=900 ___utmvbiyuOIsS=LZB XHZOFaln: oti; path=/; Max-Age=900
X-Iinfo: 11-19761238-19761329 PNNN RT(1503423555369 1650) q(0 0 0 0) r(0 0) U11
X-CDN: Incapsula


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   418
Md5:    438fb3c6e0b2dac941099836d15de81a
Sha1:   cd5c640985f3f98ba5a59e6d5f82f05535f942e1
Sha256: 7c687d6409567b571298df01002d5d073eaa3b41f8a85e3c2cd5e2a93388bfc9
                                        
                                            GET /tse/tse?r=&u=http%3A%2F%2Fwww.theprofitsmaker.net%2Flp%2Fstno%2Fhaax.html%3FRefCode%3Dd3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA%26rfx%3Dd3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA%26t%3D56248013&eveid=d11e7a77876011e7b17aaca9c1ce9a93&tgt=null&bu=1503423557942 HTTP/1.1 
Host: www.clictrkid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         130.211.9.122
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://www.theprofitsmaker.net, *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
X-AspNetMvc-Version: 5.2
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-AspNet-Version: 4.0.30319
Set-Cookie: jdha8jd=9817f00fe4bca0598a11bbd0ae534505cb6b54ded62f80d25d; expires=Fri, 17-Aug-2018 17:39:18 GMT; path=/ dksd92=d2dda077876011e7893e05d26bb76fab; expires=Mon, 20-Nov-2017 17:39:18 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 22 Aug 2017 17:39:18 GMT
Content-Length: 81
Via: 1.1 google


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   81
Md5:    2c2ca884ee355409f776bc1f97e14f0c
Sha1:   94cafa08c88d4b68a229d5c1258aa9cfc866a156
Sha256: ce25a4052ae7b3406fac1e28a51626ae9750602b4fde3b44bbfdbfdca3182bf2
                                        
                                            GET /lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:17 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
                                        
Location: https://pages.etoro.com/lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html
Content-Length: 0
Connection: close


--- Additional Info ---
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Aug 2017 17:39:18 GMT
Expires: Sat, 26 Aug 2017 17:39:18 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /GP/NOR-MethodLong.ogv HTTP/1.1 
Host: 50.7.89.82
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=49934336-

                                         
                                         50.7.89.82
HTTP/1.1 206 Partial Content
Content-Type: video/ogg
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 22 Aug 2017 17:39:18 GMT
Content-Length: 4784
Last-Modified: Thu, 28 Apr 2016 12:04:40 GMT
Connection: keep-alive
Etag: "5721fc58-2fa02b0"
Content-Range: bytes 49934336-49939119/49939120


--- Additional Info ---
Magic:  data
Size:   4784
Md5:    88bc3e0d1f2d4b54e2e6b0490df44310
Sha1:   66e2a73d60d534e8472e942464dead56dd2a70ca
Sha256: 4369d79bc4e202adc210f3cfc6934cf3861c69c11ef6c56b8ccb87c8ea72fe10
                                        
                                            GET /?oftc=82379 HTTP/1.1 
Host: www.24option.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         104.20.53.58
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 22 Aug 2017 17:39:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd5dc655a711f96e8ec74c3a67b8fa0a41503423558; expires=Wed, 22-Aug-18 17:39:18 GMT; path=/; domain=.24option.com; HttpOnly
Accept-Ranges: bytes
Cache-Control: private, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://www.24option.com/eu/?oftc=82379
Server: cloudflare-nginx
CF-RAY: 39279c563c8842bb-OSL


--- Additional Info ---
                                        
                                            GET /GP/NOR-MethodLong.ogv HTTP/1.1 
Host: 50.7.89.82
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=49930240-

                                         
                                         50.7.89.82
HTTP/1.1 206 Partial Content
Content-Type: video/ogg
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 22 Aug 2017 17:39:18 GMT
Content-Length: 8880
Last-Modified: Thu, 28 Apr 2016 12:04:40 GMT
Connection: keep-alive
Etag: "5721fc58-2fa02b0"
Content-Range: bytes 49930240-49939119/49939120


--- Additional Info ---
Magic:  data
Size:   8880
Md5:    03503f9f20d46f1b0ceb289ebf6d5071
Sha1:   797ba8f9d10ffa555690db5b20a84c1b3b4e96f2
Sha256: a7f8a01a052c70af44a35e64d4381e755b845b645c30c0320e55aca937db3f14
                                        
                                            GET /lp/rankings-lp/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:17 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click; visid_incap_773285=0IdWYuHzTiu7+nkt9fcnEkVsnFkAAAAAQUIPAAAAAABrnTzMPAVivzKKHOkbJ043; nlbi_773285=EjUtO1KCrx3jDPRBcVNDdAAAAAB8ilB3YstiljguflHSvOca; incap_ses_723_773285=iWIwXvoTkDo9Pq3/vZwICkVsnFkAAAAAy4/Tju+8Gv8fWG32PlIk/A==; ___utmvmiyuOIsS=evWtCdWXfhf; ___utmvaiyuOIsS=CnpGKNI; ___utmvbiyuOIsS=LZB XHZOFaln: oti

                                         
                                         107.154.116.121
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 22 Aug 2017 17:39:25 GMT
Server: Apache
Location: https://pages.etoro.com/lp/welcome/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html
Content-Length: 418
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Set-Cookie: visid_incap_773285=0IdWYuHzTiu7+nkt9fcnEkVsnFkAAAAAQUIPAAAAAABrnTzMPAVivzKKHOkbJ043; expires=Wed, 22 Aug 2018 10:00:04 GMT; path=/; Domain=.etoro.com incap_ses_723_773285=iWIwXvoTkDo9Pq3/vZwICkVsnFkAAAAAy4/Tju+8Gv8fWG32PlIk/A==; path=/; Domain=.etoro.com ___utmvbiyuOIsS=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT ___utmvaiyuOIsS=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT ___utmvmiyuOIsS=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT
X-Iinfo: 11-19761238-19761329 SNNN RT(1503423555369 1898) q(0 0 0 -1) r(1 1) U11
X-CDN: Incapsula


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   418
Md5:    438fb3c6e0b2dac941099836d15de81a
Sha1:   cd5c640985f3f98ba5a59e6d5f82f05535f942e1
Sha256: 7c687d6409567b571298df01002d5d073eaa3b41f8a85e3c2cd5e2a93388bfc9
                                        
                                            GET /?oftc=82379&RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013 HTTP/1.1 
Host: www.24option.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://toij.directclicksonly.com/ack/75307661475F3246556E3354385F3344?rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA

                                         
                                         104.20.53.58
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 22 Aug 2017 17:39:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd230bd5e6081d90c74a31ef6c230313f1503423558; expires=Wed, 22-Aug-18 17:39:18 GMT; path=/; domain=.24option.com; HttpOnly
Accept-Ranges: bytes
Cache-Control: private, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://www.24option.com/eu/?oftc=82379&RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Server: cloudflare-nginx
CF-RAY: 39279c569cf042bb-OSL


--- Additional Info ---
                                        
                                            GET /s/montserrat/v10/zhcz-_WihjSQC0oHJ9TCYBsxEYwM7FgeyaSgU71cLG0.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: http://www.theprofitsmaker.net

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18800
Date: Fri, 04 Aug 2017 12:34:07 GMT
Expires: Sat, 04 Aug 2018 12:34:07 GMT
Last-Modified: Thu, 09 Feb 2017 01:12:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1573511
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   18800
Md5:    b20cc131034316b1c85d0498fb9ed5c5
Sha1:   ac2cc2149094816f45d610f6d7097c4237ac607a
Sha256: d0701b4b784dd0fa0c69a6d5ce17c785afa4465e53cab2e8262cd62ecd60cbf8
                                        
                                            GET /GP/NOR-MethodLong.ogv HTTP/1.1 
Host: 50.7.89.82
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=49926144-

                                         
                                         50.7.89.82
HTTP/1.1 206 Partial Content
Content-Type: video/ogg
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 22 Aug 2017 17:39:18 GMT
Content-Length: 12976
Last-Modified: Thu, 28 Apr 2016 12:04:40 GMT
Connection: keep-alive
Etag: "5721fc58-2fa02b0"
Content-Range: bytes 49926144-49939119/49939120


--- Additional Info ---
Magic:  data
Size:   12976
Md5:    409b01b015a1312d08244e227ae2c204
Sha1:   42177c020cde1fe44f13b0566799f3935a4afe20
Sha256: 350933e1b0d067024b2efda81639110747aa6e342bee17d62e1ca8a00ad0b7d5
                                        
                                            GET /lp/welcome/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:17 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click; visid_incap_773285=0IdWYuHzTiu7+nkt9fcnEkVsnFkAAAAAQUIPAAAAAABrnTzMPAVivzKKHOkbJ043; nlbi_773285=EjUtO1KCrx3jDPRBcVNDdAAAAAB8ilB3YstiljguflHSvOca; incap_ses_723_773285=iWIwXvoTkDo9Pq3/vZwICkVsnFkAAAAAy4/Tju+8Gv8fWG32PlIk/A==; ___utmvmiyuOIsS=evWtCdWXfhf; ___utmvaiyuOIsS=CnpGKNI; ___utmvbiyuOIsS=LZB XHZOFaln: oti

                                         
                                         107.154.116.121
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 22 Aug 2017 17:39:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Set-Cookie: visid_incap_773285=0IdWYuHzTiu7+nkt9fcnEkVsnFkAAAAAQUIPAAAAAABrnTzMPAVivzKKHOkbJ043; expires=Wed, 22 Aug 2018 10:00:10 GMT; path=/; Domain=.etoro.com incap_ses_723_773285=iWIwXvoTkDo9Pq3/vZwICkVsnFkAAAAAy4/Tju+8Gv8fWG32PlIk/A==; path=/; Domain=.etoro.com ___utmvbiyuOIsS=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT ___utmvaiyuOIsS=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT ___utmvmiyuOIsS=a; Max-Age=0; path=/; expires=Tue, 15 Aug 2017 09:58:09 GMT
X-Iinfo: 1-1740945-1740946 NNNN CT(38 81 0) RT(1503423557209 140) q(0 0 1 -1) r(2 2) U10000
X-CDN: Incapsula
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data
Size:   11113
Md5:    1dfa0cb8d0b1aab46000ec94fac0522d
Sha1:   66b4d47e9004f664de94944c02b4b921aacd70f0
Sha256: 3407b3179a7c44d030573886e7777c57591c7f64c913f7b737b84cdcfd55254b
                                        
                                            GET /tr/?id=1806130083042847&ev=PageView&rl=&if=false&ts=1486557238692&v=2.5.1 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013

                                         
                                         31.13.66.36
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 22 Aug 2017 17:39:18 GMT
Expires: Tue, 22 Aug 2017 17:39:18 GMT
Last-Modified: Fri, 21 Dec 2012 00:00:01 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: fr=0wceeoZoMCgtKLyZw..BZnGxG...1.0.BZnGxG.; expires=Monday, 20-Nov-2017 17:39:18 GMT; path=/; domain=.facebook.com; HttpOnly; secure
Server: proxygen
Connection: keep-alive
Content-Length: 44


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
                                        
                                            GET /eu/?oftc=82379&RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013 HTTP/1.1 
Host: www.24option.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://toij.directclicksonly.com/ack/75307661475F3246556E3354385F3344?rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA
Cookie: __cfduid=dd230bd5e6081d90c74a31ef6c230313f1503423558

                                         
                                         104.20.53.58
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 22 Aug 2017 17:39:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://www.24option.com/eu/binary-cfd/?oftc=82379&RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Server: cloudflare-nginx
CF-RAY: 39279c58de4c42bb-OSL


--- Additional Info ---
                                        
                                            GET /s/montserrat/v10/IQHow_FEYlDC4Gzy_m8fcgFhaRv2pGgT5Kf0An0s4MM.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: http://www.theprofitsmaker.net

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19012
Date: Fri, 04 Aug 2017 10:28:27 GMT
Expires: Sat, 04 Aug 2018 10:28:27 GMT
Last-Modified: Thu, 09 Feb 2017 01:14:05 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1581051
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   19012
Md5:    81826529772e52f0f14a4c73c2f2c7f1
Sha1:   dd7c8f645e1ca6b0df410afdb2128696ae119ea3
Sha256: 713bad35e12182d091cff60cd893719d62b814b836efe3c3b0451020da5c1471
                                        
                                            GET /eu/?oftc=82379 HTTP/1.1 
Host: www.24option.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: __cfduid=dd5dc655a711f96e8ec74c3a67b8fa0a41503423558

                                         
                                         104.20.53.58
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 22 Aug 2017 17:39:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://www.24option.com/eu/binary-cfd/?oftc=82379
Server: cloudflare-nginx
CF-RAY: 39279c572d6f42bb-OSL


--- Additional Info ---
                                        
                                            GET /lp/welcome/?dl=30000239&utm_medium=Affiliate&utm_source=41266&utm_content=2439&utm_serial=&utm_campaign=&utm_term=http://www.theprofitsmaker.net/lp/stno/haax.html HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: visid_incap_172517=4hzG8BOCTYCtcjOjg39MfENsnFkAAAAAQUIPAAAAAADlFdUpea4kdEuRvFx5CU+o; incap_ses_723_172517=dB1YXLMki0oePa3/vZwICkNsnFkAAAAA8feD2c2em2ybFe/DmFLx4Q==; AffiliateWizAffiliateID=AffiliateID=41266&ClickBannerID=2439&SubAffiliateID=&Custom=&ClickDateTime=8/22/2017 5:39:17 PM&UserUniqueIdentifier=c31353af-d339-4264-a470-5f2b5d2fb53f; RequestURL=URL=http://partners.etoro.com/aw.aspx?b=2439&a=41266&task=click; visid_incap_773285=0IdWYuHzTiu7+nkt9fcnEkVsnFkAAAAAQUIPAAAAAABrnTzMPAVivzKKHOkbJ043; nlbi_773285=EjUtO1KCrx3jDPRBcVNDdAAAAAB8ilB3YstiljguflHSvOca; incap_ses_723_773285=iWIwXvoTkDo9Pq3/vZwICkVsnFkAAAAAy4/Tju+8Gv8fWG32PlIk/A==

                                         
                                         107.154.116.121
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 22 Aug 2017 17:39:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
X-Iinfo: 11-19761238-19761329 SNNN RT(1503423555369 2736) q(0 0 0 -1) r(0 0) U10000
X-CDN: Incapsula
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data
Size:   11113
Md5:    3eba613c38c3e49bf84f73505bb547cd
Sha1:   73bd0293aab248043a16160d5da36b4872ef9198
Sha256: 31f69727f982ab6f8ea54f2e7e71566002b332a4bdc7f54dbdbc6a39009a7983
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.theprofitsmaker.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: dksd92=d2dda077876011e7893e05d26bb76fab

                                         
                                         198.232.125.32
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 22 Aug 2017 17:39:19 GMT
Content-Length: 1150
Connection: keep-alive
Last-Modified: Wed, 04 May 2016 16:56:41 GMT
Etag: "572a29c9-47e"
Server: NetDNA-cache/2.2
Expires: Wed, 23 Aug 2017 17:39:19 GMT
Cache-Control: max-age=86400
X-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   9940
Md5:    7398e2ac2b67294aea78592a13d26c35
Sha1:   b30ed8c5725fcaae45ee8c22284b087a4e0faeee
Sha256: 1e2317ac7f1d6b573d3bd12e4eda8927482721a4834dc9b8c638ae3f9cb2ce68
                                        
                                            GET /GP/NOR-MethodLong.ogv HTTP/1.1 
Host: 50.7.89.82
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=86016-

                                         
                                         50.7.89.82
HTTP/1.1 206 Partial Content
Content-Type: video/ogg
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 22 Aug 2017 17:39:18 GMT
Content-Length: 49853104
Last-Modified: Thu, 28 Apr 2016 12:04:40 GMT
Connection: keep-alive
Etag: "5721fc58-2fa02b0"
Content-Range: bytes 86016-49939119/49939120


--- Additional Info ---
                                        
                                            GET /eu/binary-cfd/?oftc=82379 HTTP/1.1 
Host: www.24option.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theprofitsmaker.net/lp/stno/haax.html?RefCode=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&rfx=d3oe0WCH5xGxeqypwc6akwqPURAAAAAAA8LguAAAAAAA&t=56248013
Cookie: __cfduid=dd230bd5e6081d90c74a31ef6c230313f1503423558

                                         
                                         104.20.53.58
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 22 Aug 2017 17:39:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, must-revalidate, proxy-revalidate, no-store
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Server: cloudflare-nginx
CF-RAY: 39279c5c781742bb-OSL
Content-Encoding: gzip


--- Additional Info ---