Adware.GenericKD.3648311_f583b9474f

not-a-virus:AdWare.NSIS.Agent.iv (Kaspersky), Adware.GenericKD.3646019 (B) (Emsisoft), Adware.GenericKD.3648311 (AdAware), Trojan.NSIS.StartPage.FD, GenericInjector.YR (Lavasoft MAS)Behaviour: Trojan, Adware

The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.

..U..

.k.....i..........,w.E.....5 ...c}.@>...qQ..&.....#\>.....8DSC.........!............e....m.....u......a.r.....C.......&....o.&-....c......C.e..=e.U.k.\L.>.$H.

.ps...g.....e

...

(V.XS...E...;..u)D.9<.uc....6....}...3*...q..T...z.... U9.w......N?-.hM.$.o.=...._4>..qI

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:21 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=7q1ukpgiccdju7q7ekqfo5ffr2; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341018943668; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434101; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=39,59,15,84,54,9,2,38,24,27; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w1|WB8dO|WB8dO; path=/

GET /ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih+ZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCB2zJf1Xylv2 HTTP/1.1

Connection: Keep-Alive

Accept: */*

User-Agent: Microsoft-CryptoAPI/6.1

Host: clients1.google.com

HTTP/1.1 200 OK

Content-Type: application/ocsp-response

Date: Wed, 02 Nov 2016 19:55:20 GMT

Expires: Sun, 06 Nov 2016 19:55:20 GMT

Server: ocsp_responder

Content-Length: 463

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

Age: 317603

Cache-Control: public, max-age=345600

0..........0..... .....0......0...0......J......h.v....b..Z./..20161102070147Z0k0i0A0... ..........j.....p.I.#z...(~d..J......h.v....b..Z./....%.W.[.....20161102070147Z....20161109070147Z0...*.H.............V....R4F..k.g.......^.......E_I.........h...I.@...E...dT.8.`...y..c...|..8s~..7.`W......".......WH..w..r.V......5.An.g~.#...d..Y&.DT3.!|.q..:.\\.u.....a...gw.z...H..5..(..0...O.2....w....H...x.V.........>.A.u ....z....fko.....X..8M....H..f>.;j./.o... .`.T.HTTP/1.1 200 OK..Content-Type: application/ocsp-response..Date: Wed, 02 Nov 2016 19:55:20 GMT..Expires: Sun, 06 Nov 2016 19:55:20 GMT..Server: ocsp_responder..Content-Length: 463..X-XSS-Protection: 1; mode=block..X-Frame-Options: SAMEORIGIN..Age: 317603..Cache-Control: public, max-age=345600..0..........0..... .....0......0...0......J......h.v....b..Z./..20161102070147Z0k0i0A0... ..........j.....p.I.#z...(~d..J......h.v....b..Z./....%.W.[.....20161102070147Z....20161109070147Z0...*.H.............V....R4F..k.g.......^.......E_I.........h...I.@...E...dT.8.`...y..c...|..8s~..7.`W......".......WH..w..r.V......5.An.g~.#...d..Y&.DT3.!|.q..:.\\.u.....a...gw.z...H..5..(..0...O.2....w....H...x.V.........>.A.u ....z....fko.....X..8M....H..f>.;j./.o... .`.T...

GET /installer/progress?section=2.0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:13 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=jlsgq50hs57bg9pfqdn4qbm7l1; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340939525590; expires=Mon, 06-Nov-2017 12:08:13 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434093; expires=Mon, 06-Nov-2017 12:08:13 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:13 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:13 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w32|WB8dM|WB8dM; path=/

GET /widgets.js?1.00401.0 HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: platform.twitter.com

Connection: Keep-Alive

HTTP/1.1 200 OK

Last-Modified: Tue, 01 Nov 2016 23:44:43 GMT

Cache-Control: public, max-age=1800

Content-Type: application/javascript; charset=utf-8

Etag: "fbfd77ed3a7a01d7ce6ff7ca0baa7a4d gzip"

Content-Encoding: gzip

Content-Length: 32775

Accept-Ranges: bytes

Date: Sun, 06 Nov 2016 12:08:41 GMT

Via: 1.1 varnish

Age: 1080

Connection: keep-alive

X-Served-By: cache-tw-fra1-cr1-3-TWFRA1

X-Cache: HIT

X-Timer: S1478434121.386304,VS0,VE0

Vary: Accept-Encoding,Host

P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

............k{.F.0.....0Y..[...m.....L4...J....=.............OU....(..d..'y.......u..."..$.\..{.ssS........9.z7.H.xs..~....w......A.......2..b.(y...g.w...@..fp~^.TU..i?.n...W....4.c......|r=..{O.......Uyw.w...w.L..$;..^-.......</.r|...$.W..|..-Y......7F...Za.(LS7Q-........Z.1.?,..,.'.....@O.`9L#/\....-.!.......b....../.}.../.XrR.mnF.......yz.F.........{I....$<.r..^.X....j....U2.\O.6[.).....5 .\..n.......'PAQ(.x'vc..ArR........u.....,....`K.<-....`G...<Z.......)...w.....p.]........X^....V\.v.2*.y.x.|..(p*....%.........(y.8.j......m..~..<.E...qxqp..@.]....<....g...w-?...bE...I..^....z.."..x...P.Q.....K...........EU...v|G....."....;.....}...").|....<L..=..*..4..............W^..8}.e.........$:x.................3.|x..EO.............>.Q.tg..$..a..........~4......)......d..p...y/..6=..^.Eq..`............g...dvwv.......>.2..2|.>}.wG{;...~L..>....=.w.D....`4}...._..x7zJ........'.......C.......`|.........tX...g...$...[.)..p .QP.......y.oo.......bL....(.m;..Co........9....y...{....v<V..=....}R?G....b......w....w....yo.cs,.....>.0..P.2p..3.....c.].m..K..~1.........p`.?...}_....n.w.....!.......v.|E..a)....5.s.Ma.4&8.y..q........,../....b .^......8..c......../......x.^r8.....v.....,>.........,...QB.......".L2.>(..z%...<.E.L......TR~.........E..uT[..Y...5YH<U..UR....Cb...Q.J-[.....GU.A..:..............p.@....S.......*,e...9.t.I....Z..&E......?.oz.._..:.9.....co....$..%....h.z..'.)._........MWU....F^og8...._-..........Y.U.r..X.i......./..i.YU$....../...Ub....?>..x......-..{

<<< skipped >>>

GET /index.php?firstrun=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

Accept: text/html, application/xhtml xml, */*

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434107; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34

HTTP/1.1 302 Found

Date: Sun, 06 Nov 2016 12:08:40 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=rlivefmasanafnoloud4mvv1v1; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434120; expires=Mon, 06-Nov-2017 12:08:40 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:40 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:40 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:40 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Location: /signup?aid=3673&inline=0&afr=0

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w20|WB8dS|WB8dS; path=/

GET /MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6kg== HTTP/1.1

Cache-Control: max-age = 564348

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Wed, 12 Oct 2016 22:33:53 GMT

User-Agent: Microsoft-CryptoAPI/6.1

Host: g.symcd.com

HTTP/1.1 200 OK

Server: nginx/1.4.7

Content-Type: application/ocsp-response

Content-Length: 1362

content-transfer-encoding: binary

Cache-Control: max-age=593013, public, no-transform, must-revalidate

Last-Modified: Sun, 6 Nov 2016 08:48:44 GMT

Expires: Sun, 13 Nov 2016 08:48:44 GMT

Date: Sun, 06 Nov 2016 12:08:43 GMT

Connection: keep-alive

0..N......G0..C.. .....0.....40..00.......j.#.p.e$.\ps.*.. .j..20161106084844Z0f0d0<0... ..........9.....yP..`...<.......*.A.....>U....... ...:.....20161106084844Z....20161113084844Z0...*.H....................?....@~...r[...0}..r.lg..........Y.....9F3.DOzk..}.B..'.....)......e"J~].G.a.......1.g.' .......w..f,.J.D...#..E....=6{....!9....t!.T.y....2NT.9.h.S.......N...f...... .a.....5X......10....L..@.Q.A.1....mq.@.....b...D...K...v,AiX..1....5F=..X.....2U.....0...0..|0..d........:.0...*.H........0B1.0...U....US1.0...U....GeoTrust Inc.1.0...U....GeoTrust Global CA0...151203170230Z..161214170230Z02100...U...'GeoTrust Global CA TGV OCSP Responder 40.."0...*.H.............0.........[.c.#zj......RME.....,......(..U......!-.l..R..E.~..%."./8mv..D...*...Rx........mw.~2..Q5T\.H...Wk*..a.z.$._..T......;T.S.r(._*.G....^.P.!.3..t.......s......P....C._.g.b.oK...EV..>...>.|.o.~quo.............v4..Tt....Q.]A.Y......... w.E..=.%.n7.......{" *C........0..0...U.#..0....z.h.....d..}.}e...N0... .....0......0...U.%..0... .......0...U...........0...U.......0.0 ..U....0...0.1.0...U....TGV-C-670...*.H...............aEc<..'R......]C.ri.Zm.....|..B.$..76..h....l...Xbxua...C.X.S....~K..A..._.T@$.....9(.... ......\.*.....5.b.x...[QM.._9P.=..l...gf..L.?..3 ......Z....._...20R;...x.......C..0....l.G.A..5TS>d.U......w.(\....v..9.z7.....J..;..'...u.Y...BB.@.2u.e..eW..J.U....

<<< skipped >>>

POST /web/log?evt=10035&v=d9.75.1.48&os_mj=6&os_mn=1&os_bitness=32&mid=9c331592e812c97b86f3693753f893e6&uid=47936C0FEA50B790BD59E50713FEF01C&aid=3673&aid2=none&ts=1478434084&ts2= HTTP/1.1

Accept: */*

Accept-Encoding: gzip, deflate, sdch

Connection: close

Content-Length: 433

Content-Type: application/x-www-form-urlencoded

Host: VVV.technologieyvonlheureux.com

"Chrome"

"Chrome Media Router"

"Chrome Web Store Payments"

"Gmail"

"Google Docs"

"Google Docs Offline"

"Google Drive"

"YouTube

]

"Firefox"

"Default"

"Multi-process staged rollout"

"Pocket"

"Web Compat

]

"IE"

"Adobe PDF Link Helper"

"Java(tm) Plug-In 2 SSV Helper

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:19 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=gomt8vjejoqp9n1h5e9uhto307; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340994137684; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434099; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=39,19,47,57,68,42,33,68,41,41; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w14|WB8dN|WB8dN; path=/

GET /installer/progress?section=3.0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:14 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=idkkn56hjfddpc56i58dv2c426; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340943821025; expires=Mon, 06-Nov-2017 12:08:14 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434094; expires=Mon, 06-Nov-2017 12:08:14 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:14 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:14 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w51|WB8dM|WB8dM; path=/

GET /installer/progress?section=5.0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:22 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=ic3uqmv1992pb0bb9janpuicg5; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341027425325; expires=Mon, 06-Nov-2017 12:08:22 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434102; expires=Mon, 06-Nov-2017 12:08:22 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:22 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:22 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w66|WB8dO|WB8dO; path=/

GET /css?family=Signika:400,300,600,700 HTTP/1.1

Accept: text/css

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: fonts.googleapis.com

Connection: Keep-Alive

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8

Access-Control-Allow-Origin: *

Timing-Allow-Origin: *

Expires: Sun, 06 Nov 2016 12:08:44 GMT

Date: Sun, 06 Nov 2016 12:08:44 GMT

Cache-Control: private, max-age=86400

Content-Encoding: gzip

Transfer-Encoding: chunked

Server: ESF

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

12e..............Mo.@.....bo`R.Z...5.6...=....,..5..........p i....l....i.'!..x...U.1i. x1.........A..h.B...P.#n..Y.z,..@h..x.a..&...(r"F._.I.v..3.y.L..JLb..R9..j.6..9.u}..G=T......r4...z.E..v.<.h...c...(t.0^..G._.)......"\......5Y..G?..3.d{.........y(...\.Y.#<9.fj&.....u.e.?......qZ.Tm*....[.)Y...@.........a.....-..y.....0..HTTP/1.1 200 OK..Content-Type: text/css; charset=utf-8..Access-Control-Allow-Origin: *..Timing-Allow-Origin: *..Expires: Sun, 06 Nov 2016 12:08:44 GMT..Date: Sun, 06 Nov 2016 12:08:44 GMT..Cache-Control: private, max-age=86400..Content-Encoding: gzip..Transfer-Encoding: chunked..Server: ESF..X-XSS-Protection: 1; mode=block..X-Frame-Options: SAMEORIGIN..12e..............Mo.@.....bo`R.Z...5.6...=....,..5..........p i....l....i.'!..x...U.1i. x1.........A..h.B...P.#n..Y.z,..@h..x.a..&...(r"F._.I.v..3.y.L..JLb..R9..j.6..9.u}..G=T......r4...z.E..v.<.h...c...(t.0^..G._.)......"\......5Y..G?..3.d{.........y(...\.Y.#<9.fj&.....u.e.?......qZ.Tm*....[.)Y...@.........a.....-..y.....0..

GET /js/min_fancybox.js?1.00401.0 HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:41 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Sun, 06 Nov 2016 14:08:41 GMT

Cache-Control: max-age=7200, public

Pragma: cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434121; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 8131

Connection: close

Content-Type: application/javascript

Set-Cookie: APPSESSID=w20|WB8dT|WB8dS; path=/

Cache-control: private

...........=ks........1.!...I.....(....%.(..q. ..)H @..d...t..~.u..... ...%.Z..LOwOOO.f.mo...9.q...dh'~8#.]..i..4]...,.......vb..$..>...m......8I...g..,. %~HX?q..=..?...v].%.P...]..F$.N....A./.O........q<<.8&....x.....~.{..B.D....2t.'2.3.%{....g..:....?;K...7..t.'..(.y..........~z... .4!..x.........I...%.J@Hd.x(....L...^.Q<Otr.hI...h..y..S....N...G.^..S.."..}.\zf.tB.(.. *.(t}*%:h..f5g..X..D.........*..'.%v...Q."...OH......I.n.. ...?.b....%.B...t.....@...#. |zn.,.^..b............v.P....2.....u..|:..B{.!K..%,j.l.].g.!...(^.......{.....Y.....#L,.t..>...B..D.M. \p.C..sP.`.......L..Df...hL....?........~...w..g..................hL......|4.99>...?........x.?.....A..............h8..h..w.;....@B............tJx}..vD.qx4..-......3%.nt......>9.....'{.#rxrtx...g.;.......]....d..p...?....&b.&|.i.x.3(.vg...w.....wwt4.........X....p8...E>.y....}.9...............T.......h..Y..7>.....O......v......F...G....R.@..O.....t....xD.7...ztrx<:..`.?....>......>.......}F.(...:..a..G(_*.>.c.....`@..y,..2.?|.7z?......1}....,..8|.h...>.=..GUA.@.%].....;...i$...@%.#.>T...\..#.6..Z.MR.8.8.;AR..:...Qg.0..o..%.9.tf..*...6.$.2....<......y.&.qJ,R....Z6..lZW-.....3........2.qi......7.t.:.....N..."p......../N..J....l..@..X.a..5...r......Q..=....l.i.r...4.DB...8,-..<j...J.F....S.R4m@..t5".lon...9..&h...Z. ..Qe....w.*.*.<...Zi.mu.......!.....aD.... ..V$N...;T...PWHQ6..r....a...:..(..B...HH.bz.........}......ui.........A...C...}?..k..Y....g..RV._..S.gz...1o..;...."z.rXo...m2!f>.Et.n...A.8..R&..x

<<< skipped >>>

GET /crls/secureca.crl HTTP/1.1

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Thu, 13 Oct 2016 09:30:22 GMT

If-None-Match: "b6a46da3cf1aa70c10b101b12c9733f4:1476351022"

User-Agent: Microsoft-CryptoAPI/6.1

Host: crl.geotrust.com

HTTP/1.1 200 OK

Server: Apache

ETag: "422ad394b282092665011bc408d8ad5e:1478433628"

Last-Modified: Sun, 06 Nov 2016 12:00:28 GMT

Date: Sun, 06 Nov 2016 12:08:42 GMT

Content-Length: 325

Connection: keep-alive

Content-Type: application/pkix-crl

0..A0..0...*.H........0N1.0...U....US1.0...U....Equifax1-0 ..U...$Equifax Secure Certificate Authority..161106114300Z..161116114300Z0,0....%...020514181157Z0.....3..020515130611Z0...*.H............X.Hb5b...*s0.!..J9.w9.t....!.....x....wlU...c@gf.r@.~.)8W%..........3.*_./..N7Y]6t..:....4.1Rh6...p....%.E.p......../....0../...HTTP/1.1 200 OK..Server: Apache..ETag: "422ad394b282092665011bc408d8ad5e:1478433628"..Last-Modified: Sun, 06 Nov 2016 12:00:28 GMT..Date: Sun, 06 Nov 2016 12:08:42 GMT..Content-Length: 325..Connection: keep-alive..Content-Type: application/pkix-crl..0..A0..0...*.H........0N1.0...U....US1.0...U....Equifax1-0 ..U...$Equifax Secure Certificate Authority..161106114300Z..161116114300Z0,0....%...020514181157Z0.....3..020515130611Z0...*.H............X.Hb5b...*s0.!..J9.w9.t....!.....x....wlU...c@gf.r@.~.)8W%..........3.*_./..N7Y]6t..:....4.1Rh6...p....%.E.p......../....0../.....

GET /installer/logging?evt=1&pge=0&pr=0&ar=0&dr=0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:12 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=l03nh5jjfj1900d9hjf5ro0mu1; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340926478105; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434092; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w2|WB8dL|WB8dL; path=/

GET /installer/progress?section=1.0&getinstructions=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:12 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=5jebfbutnmp140nudcmfb89o93; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340921913994; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434092; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:12 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w9|WB8dL|WB8dL; path=/

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEATh56TcXPLzbcArQrhdFZ8= HTTP/1.1

Cache-Control: max-age = 511667

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Thu, 13 Oct 2016 04:57:34 GMT

If-None-Match: "57ff143e-1d7"

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=499258

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581eb58e-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT

Server: ECS (vie/F2D5)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8..HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=499258..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581eb58e-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT..Server: ECS (vie/F2D5)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8......

<<< skipped >>>

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTPJvUY+sl+j4yzQuAcL2oQno5fCgQUUWj/kK8CB3U8zNllZGKiErhZcjsCEA7LCTmysQFUuJVwx7Irekc= HTTP/1.1

Connection: Keep-Alive

Accept: */*

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=496111

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581ead2c-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT

Server: ECS (vie/F2BA)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y.HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=496111..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581ead2c-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT..Server: ECS (vie/F2BA)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y...

<<< skipped >>>

GET /installer/progress?section=6.0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:25 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=j99nudh0f6ad5nu1vm3urtpme2; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341055624630; expires=Mon, 06-Nov-2017 12:08:25 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434105; expires=Mon, 06-Nov-2017 12:08:25 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:25 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:25 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w22|WB8dP|WB8dP; path=/

POST /installer/downloadsLog?unique_id=47936C0FEA50B790BD59E50713FEF01C&affiliate_id=3673 HTTP/1.1

Content-Type: application/x-www-form-urlencoded

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0E; .NET4.0C)

Host: VVV.technologieyvonlheureux.com

Content-Length: 0

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:26 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=vo7vi6ivng3trr1iuu5r10pui5; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341069875129; expires=Mon, 06-Nov-2017 12:08:26 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434106; expires=Mon, 06-Nov-2017 12:08:26 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:26 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:26 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w8|WB8dP|WB8dP; path=/

GET /webenhancer/update?v=d9.75.1.48&os_mj=6&os_mn=1&os_bitness=32&mid=9c331592e812c97b86f3693753f893e6&uid=47936C0FEA50B790BD59E50713FEF01C&aid=3673&aid2=none&ts=1478434084&ts2=&retry_count=0&retry_version=&sc=1&scfr=&ie_status=-2&ch_status=-2&ff_status=-2&avs=0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0 HTTP/1.1

Accept: */*

Accept-Encoding: gzip, deflate, sdch

Connection: close

Host: VVV.technologieyvonlheureux.com

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:24 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=tqj3dbb2pk62tph7d960m9dar4; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341043367090; expires=Mon, 06-Nov-2017 12:08:24 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434104; expires=Mon, 06-Nov-2017 12:08:24 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:24 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=39,12,47,39,82,74,94,16,62,69; expires=Mon, 06-Nov-2017 12:08:24 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 99

Connection: close

Content-Type: application/octet-stream

Set-Cookie: APPSESSID=w28|WB8dO|WB8dO; path=/

....n*..o.a........%.."........YI.U......?..B..(.Z..sIe. ,9...........Yf....T......t......z...:.i....

GET /css/min_bootstrap3_social2search.css?1.00401.0 HTTP/1.1

Accept: text/css

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:41 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Sun, 06 Nov 2016 14:08:42 GMT

Cache-Control: max-age=7200, public

Pragma: cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434122; expires=Mon, 06-Nov-2017 12:08:42 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:42 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 18546

Connection: close

Content-Type: text/css;charset=UTF-8

Set-Cookie: APPSESSID=w20|WB8dT|WB8dS; path=/

Cache-control: private

...........}k..8r._.{bb......T.S..v....O....>.%R%.P..........H$.$....E.;<[...Df..$..}{(/...Nv..(.=6...4y]..&_..oE;i....)..O.....}L.......k..*.v9..Kq|..i...2..M...,o..l...e....:.?.u>.UU...}.f..^..|....8>.....~.7.V.h.....% .S.~{.....kz..j.M...f|...:o..g.ke .cY...h..9....$-....&mr^ .=..../[...*.O...cu...y..o..~..Y..?...........M......M.UY..m.8|J...^.....3c...b.\.s.I.l.l._..-.O.MU3.L6U.V....u..?....7.......I.*....(...[.?.-....O.X..*?..'....8..WV..ER.C..O....v.....Ri.h..........T5...c.36.1.....O...mA.sLmuz.D.F..}Q..DS^R.^.7..../BJ.5S.....]Y}y.".J..#N.x....u__..Z.7.WNiq|y..g..EL..........h.I.mu.VL...dL%.q..N.t;T..i.6..........1.8...s;.N...._l2...d....&.35....>IY._..%.s...2.=H..1...... .XA..b1....~;.?..OcP..\.:%L....t..NO.<e....l..=..#.T.......6.RF]..vk./.Q...s....(D....fR..l!.....).2.<..Z....*..q -.`4.}......t...;B..f......RC!..x>l......L.f.....jJ.../....BU.....{rL..!O..p...y...X.e.d....`C..|[.)_.(...-:g.k."...f.-...V..Oz.....Zg.R.Te....d..Z./.1....Twu...[.[..z......MI....Q.qm.q..._.|.."..j6...8~..l:...t.4.,..P.NU....IZ.}.1.8[@....~..GOh...k..._..E.....#.1..U.e_..Of.B........m[....F.>...3.-...@..~~..;.?6E.M.fb[.'..C....c.....m^..V..^..<~a;.&...d.....sUd..ou.vA.{"w?......^......C.u......y......x?.T.i...8{b`....UV..bX..2.........m....D....m.R..(.........3.>.4....&/..1.k.L.O.!..9bSA...._x<...{..&c.(#(...`..Y..m.......v..Le......i.K..SSo..u.>.....?....^.M...\.u.....M...E. .~.q3......-`..lR............T........mA..>.7..v{?X..2...bg.?}.F.....-&...y,. ?...[.'.|....."..:.v..]..U.iN.6

<<< skipped >>>

GET /js/min_general_en.js?1.00401.0 HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:41 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Sun, 06 Nov 2016 14:08:41 GMT

Cache-Control: max-age=7200, public

Pragma: cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434121; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 30573

Connection: close

Content-Type: application/javascript

Set-Cookie: APPSESSID=w20|WB8dT|WB8dS; path=/

Cache-control: private

.............v.8.(.;^...V...2..c"E.u<t.;.IR]U....DJb,..H.q.:.q..>.....$....;..J......=..h4._.Q<...<....V}....h8..w...g.[.....x._.:...2..Y.....U<..&."r^M.u.T..$.3.......,.'.E..'..."N>..7.>9.d.O..*.O.y.N3'......4.%.8r...O..........~..i~;..l..$...?..q.f..b:.6.I.....{:.:..,.A..d0O7?.W.I.'...q.=.....y.L2......T.K..|.n4d...P.%.x......B........'.:s/..A..%C/.v........i.w...}..........dB..E..z..~1......h.~....,......t.Z.vYO../.p..I..J,....D..9`.....JM...~.:.;qwR..j.7......Yg...n.|0.b.n.f.S;K...A.3:.......k..A.,.vq...Z...Fx0..A..8<.xm..J..0.....2M'q8Umn.j~.G'_gZ..,]..q..6._.<...I..q..7L.ZL.d.LcLV?0'.M.~..#.*~-.y5....E.....QI..h..s..`....x:.....f.....a.P#.6;Q}...r...f0.B2.*.{8....Z........U(:Dh....bG@..........<.5.]....|..w..$......@>_..t^Kh..I.......C.......=.._...,...p.76.u..........1A...y.^".F...=jkP....a.....l.\.*...w.Y...H...I...f.. ..-...!.>S.l.}G.....e=Cv....-..8....;..).......yw3..8...mp.e...p0....W.,8...K...K..C2.....O&y<...k...68....8.._..l_...S.>.....=.cH2....#..o. .JNQ......~W........7...^vj.I.."".kI..........^..b. ...Ea.j..kft.~ ../.G..t....|.....n.Db.V.g...p...V5..5.......@nq)......~yX..$..K.5.e6B}.0.l..".....xc......<.0/...,..q...R..H......"..o..L..tQ.M&0....A..c..z..e4p1.1..Al...v.(..$xX........R...b1.^W...8o)...[.N.(......&n.M.o2.\.N...c...G$.3............r...Z(..v..v..}.n.a...?<.%i.../.Y.B?H....D@..q...]..;....x.8Y....4#Z=.`-...4.j...T.@..oA.......;...!..p.\..E\S.F...3....Mt.DZ...v_~.....7...WE....{.q@.`]Y..7F..@.r..H........0.....D0k.....B..0.....y........

<<< skipped >>>

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEATh56TcXPLzbcArQrhdFZ8= HTTP/1.1

Cache-Control: max-age = 511667

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Thu, 13 Oct 2016 04:57:34 GMT

If-None-Match: "57ff143e-1d7"

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=499258

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581eb58e-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT

Server: ECS (vie/F2D5)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8..HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=499258..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581eb58e-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT..Server: ECS (vie/F2D5)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8......

<<< skipped >>>

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTPJvUY+sl+j4yzQuAcL2oQno5fCgQUUWj/kK8CB3U8zNllZGKiErhZcjsCEA7LCTmysQFUuJVwx7Irekc= HTTP/1.1

Connection: Keep-Alive

Accept: */*

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=496111

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581ead2c-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT

Server: ECS (vie/F2BA)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y.HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=496111..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581ead2c-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT..Server: ECS (vie/F2BA)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y...

<<< skipped >>>

GET /web/log?evt=10002&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:32 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=dfb70m77u4d4keeodlvpnbeb63; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341128429013; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434112; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w9|WB8dQ|WB8dQ; path=/

POST /installer/urlsLog?unique_id=47936C0FEA50B790BD59E50713FEF01C&affiliate_id=3673&br=iexplore HTTP/1.1

Content-Type: application/x-www-form-urlencoded

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0E; .NET4.0C)

Host: VVV.technologieyvonlheureux.com

Content-Length: 406

Cache-Control: no-cache

Cookie: PHPSESSID=vo7vi6ivng3trr1iuu5r10pui5; _wau=14784341069875129; _wal=1478434106; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; APPSESSID=w8|WB8dP|WB8dP

hXXp://go.microsoft.com/fwlink/?LinkId=129791

hXXp://go.microsoft.com/fwlink/?LinkId=129792

hXXp://go.microsoft.com/fwlink/?LinkId=121315

hXXps://ieonline.microsoft.com/#ieslice

hXXps://VVV.mozilla.org/en-US/about/

hXXps://VVV.mozilla.org/en-US/contribute/

hXXps://VVV.mozilla.org/en-US/firefox/customize/

hXXps://VVV.mozilla.org/en-US/firefox/help/

hXXps://VVV.mozilla.org/en-US/firefox/central/

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:27 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434107; expires=Mon, 06-Nov-2017 12:08:27 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:27 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:27 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

POST /installer/installedProgramsLogs?unique_id=47936C0FEA50B790BD59E50713FEF01C&affiliate_id=3673 HTTP/1.1

Content-Type: application/x-www-form-urlencoded

Filename: nsiFCFE.tmp

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Content-Length: 459

Connection: Keep-Alive

Cache-Control: no-cache

7-Zip 9.20

Adobe Flash Player 23 ActiveX

Social2Search

Google Chrome

Mozilla Firefox 49.0.1 (x86 en-US)

Total Commander (Remove or Repair)

WinPcap 4.1.3

Wireshark 0.99.6a

Microsoft Visual C 2008 Redistributable - x86 9.0.30729.4148

Java(TM) 6 Update 18

VMware Tools

Java Auto Updater

ActivePerl 5.16.2 Build 1602

Google Update Helper

Microsoft .NET Framework 4.5

Microsoft PowerPoint Viewer

Microsoft .NET Framework 4.5

Adobe Reader 9.3.4

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:28 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=kg2996i2b84m0jots8mavlbcf2; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341084013938; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434108; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w29|WB8dP|WB8dP; path=/

GET /crls/secureca.crl HTTP/1.1

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Thu, 13 Oct 2016 09:30:22 GMT

If-None-Match: "b6a46da3cf1aa70c10b101b12c9733f4:1476351022"

User-Agent: Microsoft-CryptoAPI/6.1

Host: crl.geotrust.com

HTTP/1.1 200 OK

Server: Apache

ETag: "422ad394b282092665011bc408d8ad5e:1478433628"

Last-Modified: Sun, 06 Nov 2016 12:00:28 GMT

Date: Sun, 06 Nov 2016 12:08:42 GMT

Content-Length: 325

Connection: keep-alive

Content-Type: application/pkix-crl

0..A0..0...*.H........0N1.0...U....US1.0...U....Equifax1-0 ..U...$Equifax Secure Certificate Authority..161106114300Z..161116114300Z0,0....%...020514181157Z0.....3..020515130611Z0...*.H............X.Hb5b...*s0.!..J9.w9.t....!.....x....wlU...c@gf.r@.~.)8W%..........3.*_./..N7Y]6t..:....4.1Rh6...p....%.E.p......../....0../...HTTP/1.1 200 OK..Server: Apache..ETag: "422ad394b282092665011bc408d8ad5e:1478433628"..Last-Modified: Sun, 06 Nov 2016 12:00:28 GMT..Date: Sun, 06 Nov 2016 12:08:42 GMT..Content-Length: 325..Connection: keep-alive..Content-Type: application/pkix-crl..0..A0..0...*.H........0N1.0...U....US1.0...U....Equifax1-0 ..U...$Equifax Secure Certificate Authority..161106114300Z..161116114300Z0,0....%...020514181157Z0.....3..020515130611Z0...*.H............X.Hb5b...*s0.!..J9.w9.t....!.....x....wlU...c@gf.r@.~.)8W%..........3.*_./..N7Y]6t..:....4.1Rh6...p....%.E.p......../....0../.....

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEATh56TcXPLzbcArQrhdFZ8= HTTP/1.1

Cache-Control: max-age = 511667

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Thu, 13 Oct 2016 04:57:34 GMT

If-None-Match: "57ff143e-1d7"

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=499258

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581eb58e-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT

Server: ECS (vie/F2D5)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8..HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=499258..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581eb58e-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT..Server: ECS (vie/F2D5)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8......

<<< skipped >>>

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTPJvUY+sl+j4yzQuAcL2oQno5fCgQUUWj/kK8CB3U8zNllZGKiErhZcjsCEA7LCTmysQFUuJVwx7Irekc= HTTP/1.1

Connection: Keep-Alive

Accept: */*

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=496111

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581ead2c-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT

Server: ECS (vie/F2BA)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y.HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=496111..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581ead2c-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT..Server: ECS (vie/F2BA)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y...

<<< skipped >>>

GET /imgs/app/social2search/login-bg-img.png HTTP/1.1

Accept: image/png, image/svg xml, image/*;q=0.8, */*;q=0.5

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: main-social2search.netdna-ssl.com

Connection: Keep-Alive

Cookie: APPSESSID=w5|WB8dT|WB8dT

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:45 GMT

Content-Type: image/png

Content-Length: 2520039

Connection: keep-alive

Last-Modified: Mon, 09 May 2016 20:24:41 GMT

ETag: "2673e7-5326e9931c20c"

Server: NetDNA-cache/2.2

X-Cache: HIT

Accept-Ranges: bytes

.PNG........IHDR.......\...... ......gAMA......a...@.IDATx...k.%.....Wuk$..B.&..L.}..`...0h..k...V.[u.? .w..........{.................Wo.....W.^.~....7o_...|x.._..z..]>...W...........o.^..O^o..........>||....W.....u......7o;............W......z..[.............^........;K....W..|{....Wo..../....O.^}..Y.....~d..O.~{......[....7s..M.{..}0..........2.........?|..............t.f.........b.<6............Wor].7.a...H{...^C....). .....W_.|m...~.R:.. ..V.....s_.}....y...Q....?!>}..d*..L...}E.7.........L......._;~...u......7s|..........g:....X........n..G...]|...L.."K.|yl....G.~..7.....:....,.|..........>..7..c?F...7......h......Gx............M....C.-..>...z. ....|..%x.[.h...E..~..g.q|.......]........1.E........B....../?.......>T........Q.L....g~dN.Py[..70....o.../.._...&..8.^.........i.3}..~.~........9..;...}~.C.26}.g.<.......sb.Y...m./.......g.i.T.....~.........,.^........Q...#...G..en..g.{~..]..a.:......J.O...x......t.........9..5..>4.........X.....s...9......m...GO_C..~...z.%nW..$......?../O.k...g...............=...o..0.....}.N.._....I<{...o.&7......M.a.C........*....O..-.)v%......7..]0..>=..&=6...8,..&c[.N.....l.?{p.....J.......C9@%s...V..o..&Zp...:.'&..En.:c../<D...I.l.|...~......ZG<....7.....k..y.'X..k.7.c...5}.\..g...>..<..O..~1.z.....W..'..Oq.....=...?se0a[.w.S.c#.c.x....;.....k>..,w-~....7..Wc.9b...fS.%*......6y...;..~GQ.E...K.j..N..\..;.%..K.._.....9.......zr<.a.6..~...R93.x:....vv!...dk.9(.$w..{...LP....}.X.g...<~...x.F.7~...!.....ozh.H=..W..g._<....z.%

<<< skipped >>>

GET /installer/getTimestamp HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:04 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=grulj1pnksagiapuikkdk8ifa1; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340842021152; expires=Mon, 06-Nov-2017 12:08:04 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434084; expires=Mon, 06-Nov-2017 12:08:04 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=0,91,10,51,81,86,83,5,52,84; expires=Mon, 06-Nov-2017 12:08:04 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 10

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w16|WB8dJ|WB8dJ; path=/

1478434084..

GET /installer/progress?section=8.0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:29 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=ip86d1ccjd8dkiqnjr2o8qkon2; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341098383326; expires=Mon, 06-Nov-2017 12:08:29 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434109; expires=Mon, 06-Nov-2017 12:08:29 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:29 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:29 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w1|WB8dQ|WB8dQ; path=/

GET /css/min_signup.css?1.00401.0 HTTP/1.1

Accept: text/css

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:41 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Sun, 06 Nov 2016 14:08:42 GMT

Cache-Control: max-age=7200, public

Pragma: cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434122; expires=Mon, 06-Nov-2017 12:08:42 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:42 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 616

Connection: close

Content-Type: text/css;charset=UTF-8

Set-Cookie: APPSESSID=w20|WB8dT|WB8dS; path=/

Cache-control: private

...........T...0...TQ.D...B......o..d`.w.m..a....Kv...iT^.{|f.93.Y.jR."..........#...&F.K.XES#a..`.......$.../..L(DU..._.G....o-g.. !Q..u..%.*..)..15.......:..B.Q.b...V..8....H.KF1"....dcv.?!S...M.8/T.Y..'.1. .. YD2....L..P.b.H. ..C....d`.B..a/J`[.&.... .D....w....-.....vY..&.....E4........."...Z.]h..4...".....9. .(..DPk...@.(..z...2......q.....w.f.iC....u..P..k.]S&..@.....KD.!A....V.yOe..r0.ct.qx=...v.9#.[r.......Y...8:..9....*.$.........s'...n.HG........\AA....Xs....I..)......3*...X....G.]{....v.F.Y...}....{.........M..N....,P:W.Y.^....r...b....6..#..k.}........)....,Y..R.......}...j.......<.G[..i...^........

GET /MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6kg== HTTP/1.1

Cache-Control: max-age = 564348

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Wed, 12 Oct 2016 22:33:53 GMT

User-Agent: Microsoft-CryptoAPI/6.1

Host: g.symcd.com

HTTP/1.1 200 OK

Server: nginx/1.4.7

Content-Type: application/ocsp-response

Content-Length: 1362

content-transfer-encoding: binary

Cache-Control: max-age=592825, public, no-transform, must-revalidate

Last-Modified: Sun, 6 Nov 2016 08:48:44 GMT

Expires: Sun, 13 Nov 2016 08:48:44 GMT

Date: Sun, 06 Nov 2016 12:08:43 GMT

Connection: keep-alive

0..N......G0..C.. .....0.....40..00.......j.#.p.e$.\ps.*.. .j..20161106084844Z0f0d0<0... ..........9.....yP..`...<.......*.A.....>U....... ...:.....20161106084844Z....20161113084844Z0...*.H....................?....@~...r[...0}..r.lg..........Y.....9F3.DOzk..}.B..'.....)......e"J~].G.a.......1.g.' .......w..f,.J.D...#..E....=6{....!9....t!.T.y....2NT.9.h.S.......N...f...... .a.....5X......10....L..@.Q.A.1....mq.@.....b...D...K...v,AiX..1....5F=..X.....2U.....0...0..|0..d........:.0...*.H........0B1.0...U....US1.0...U....GeoTrust Inc.1.0...U....GeoTrust Global CA0...151203170230Z..161214170230Z02100...U...'GeoTrust Global CA TGV OCSP Responder 40.."0...*.H.............0.........[.c.#zj......RME.....,......(..U......!-.l..R..E.~..%."./8mv..D...*...Rx........mw.~2..Q5T\.H...Wk*..a.z.$._..T......;T.S.r(._*.G....^.P.!.3..t.......s......P....C._.g.b.oK...EV..>...>.|.o.~quo.............v4..Tt....Q.]A.Y......... w.E..=.%.n7.......{" *C........0..0...U.#..0....z.h.....d..}.}e...N0... .....0......0...U.%..0... .......0...U...........0...U.......0.0 ..U....0...0.1.0...U....TGV-C-670...*.H...............aEc<..'R......]C.ri.Zm.....|..B.$..76..h....l...Xbxua...C.X.S....~K..A..._.T@$.....9(.... ......\.*.....5.b.x...[QM.._9P.=..l...gf..L.?..3 ......Z....._...20R;...x.......C..0....l.G.A..5TS>d.U......w.(\....v..9.z7.....J..;..'...u.Y...BB.@.2u.e..eW..J.U....

<<< skipped >>>

POST /web/log?evt=10023&v=d9.75.1.48&os_mj=6&os_mn=1&os_bitness=32&mid=9c331592e812c97b86f3693753f893e6&uid=47936C0FEA50B790BD59E50713FEF01C&aid=3673&aid2=none&ts=1478434084&ts2= HTTP/1.1

Accept: */*

Accept-Encoding: gzip, deflate, sdch

Connection: close

Content-Length: 942

Content-Type: application/x-www-form-urlencoded

Host: VVV.technologieyvonlheureux.com

7-Zip 9.20

Adobe Flash Player 23 ActiveX

Google Chrome

Mozilla Firefox 49.0.1 (x86 en-US)

Total Commander (Remove or Repair)

WinPcap 4.1.3

Wireshark 0.99.6a

Microsoft Visual C 2008 Redistributable - x86 9.0.30729.4148

Java(TM) 6 Update 18

VMware Tools

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Java Auto Updater

ActivePerl 5.16.2 Build 1602

Google Update Helper

Microsoft .NET Framework 4.5

Microsoft PowerPoint Viewer

Microsoft .NET Framework 4.5

Adobe Reader 9.3.4

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:19 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=pg8goq1gu85g7o8m9ffm8sm466; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340996807822; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434099; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=39,56,65,99,61,30,96,68,79,25; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w2|WB8dN|WB8dN; path=/

GET /signup?aid=3673&inline=0&afr=0 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:30 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=sf1v45nucnc8unf1qbf40nusf1; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341107850532; expires=Mon, 06-Nov-2017 12:08:30 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434110; expires=Mon, 06-Nov-2017 12:08:30 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=0,93,1,98,73,21,3,22,58,51; expires=Mon, 06-Nov-2017 12:08:30 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Length: 5089

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w66|WB8dQ|WB8dQ; path=/

<!DOCTYPE html>.<html xmlns="hXXp://VVV.w3.org/1999/xhtml" xmlns:fb="hXXp://ogp.me/ns/fb#" xml:lang="en" prefix="og: hXXp://ogp.me/ns#">..<head>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>...<base href="hXXp://VVV.technologieyvonlheureux.com" />...<title>Social2Search.com | Download Social2Search for Free</title>..<meta name="title" content="Social2Search.com | Download Social2Search for Free" />....<meta name="description" content="Enhance Your Search Experience With Results From Your Friends! Download Social2Search and get Social Results and Recommendations in Your Regular Search Results | Social2Search.com" />..<meta name="keywords" content="Download Social2Search, Social2Search Download, Install Social2Search, Get Social2Search, Social2Search, Social Search, Social results, Social Search Results, Recommendations from your friends, recommendations, Facebook friends recommendations, Find a Friend's Facebook Post, Find a Tweet" />.......<!-- Google Chrome Web Store Verification -->..<meta name="google-site-verification" content="5KnCIaGgQoFFL2URoeiXrg0xTbPK3qJZLbDJpbIoC9U" />...<link rel="shortcut icon" href="/imgs/social2search/favicon.ico" type="image/x-icon" />..<link href="hXXps://fonts.googleapis.com/css?family=Merriweather:300,400,700,900" rel="stylesheet" type="text/css">..<link href="hXXps://fonts.googleapis.com/css?family=Open Sans:300,400,600,700,800" rel="stylesheet" type="text/css">

<<< skipped >>>

GET /ajax/libs/jqueryui/1.8.16/jquery-ui.js?1.00401.0 HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: ajax.googleapis.com

Connection: Keep-Alive

HTTP/1.1 200 OK

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Type: text/javascript; charset=UTF-8

Access-Control-Allow-Origin: *

Timing-Allow-Origin: *

Date: Thu, 27 Oct 2016 05:14:47 GMT

Expires: Fri, 27 Oct 2017 05:14:47 GMT

Last-Modified: Fri, 27 Nov 2015 19:30:24 GMT

X-Content-Type-Options: nosniff

Server: sffe

Content-Length: 89894

X-XSS-Protection: 1; mode=block

Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000

Age: 888834

............y..7.(..-}.6.gHF..$.E.........Z.dr5:.....1..a..4...[ P.F..c.vg.=...R....B-[.=XO>K~.?.lz.|..........a..br;./.g....N/y...w....g7..s9.M...~._l:....j = ...6}:OG.(.d.2.&..0.&..,yqx....O..'...e^..].W..e.o..^l.g.J...A..J8....qk.s>..f.m'y..q..1@.M~^_..J&..}6.%....MgY2*.a>......L.....m.B..l.]%g. ..Yr.a..m......$:X........q{.\.0..._s.C...\.?.... ..~.%..n.=?O:T../k...M..|:._.[.F..,...Z..J....{.......n...l. .=~~.......~......~...^B..<~}....'...[K..^.x....~.|...q..|.....T..t..|~s...........W.........?;......z..K..F~..|.%.y...........b........9.>|y......5b.>.Z/.....0.2X..../^?~...S.og..K..gO._<FXw.m.....>...S.@n...........?b..L......y...a..X........... ..5..Y.~......G.D..sj{..!Nu.....|...?.....QO..../a.#..`......|.F...p.a.|...x..:y<.M....?.Q.G...go.......7.)e....Qz.K........$ ..krpp......l.J.A.5<..,.\.........$.#y@gu...lv._e@y....v.A...t....9....&2HG#./......@..w.d.A.K.O'..m...%..b~.d...w.b.`Z.F..)..5..q^.....v.....u.M.We.%..m.....t..~..D..}....gY9..8....'E.c..n..{...\...,[R...B" .../X..y>.e..R...|../:./..M6tp>....'GG.D......x..|V..p45 .....kl...m.v....R....og.~......(k........6a..#.<.3......2y.<...K8.._.UB....e{c.?.....'%....W._3.X.........:.....a..C.p.l'.I...4{..t4.h../s....kO.....!.:oG*.r.^..i..m3'....... Hx..<Rr}....aP.arF.A"'\.>F&.*}...x\..s`..Z.o.k........Ja/.R{)..........:.-.^.2AtDpq\.&v..*..........vhiK.#.....\O|.Q)..T!..0..i1..3..6..X........d..<...E.s..e.....l...V......`..A........%)...P!....l".#o%..v=}5..C.....%...l.l....~..[.E...q.....2;..:v... ..l'..

<<< skipped >>>

GET /webenhancer/config?v=d9.75.1.48&os_mj=6&os_mn=1&os_bitness=32&mid=9c331592e812c97b86f3693753f893e6&uid=47936C0FEA50B790BD59E50713FEF01C&aid=3673&aid2=none&ts=1478434084&ts2= HTTP/1.1

Accept: */*

Accept-Encoding: gzip, deflate, sdch

Connection: close

Host: VVV.technologieyvonlheureux.com

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:19 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=86jb7uggdj5jlnjf1djes7aqk2; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340992775019; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434099; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=39,20,52,39,16,13,58,15,23,87; expires=Mon, 06-Nov-2017 12:08:19 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Connection: close

Transfer-Encoding: chunked

Content-Type: application/octet-stream

Set-Cookie: APPSESSID=w29|WB8dN|WB8dN; path=/

155f5......:`x....dn...G>..T.....'U..Z..T...L.%...$Yu.-zp.!....r8*.0y...1.d.........j..9.hc...xWX...Y..N.C. .d..n.jT......[...<.}..#.%.{3#.b...@....W...<..m...7.X.. ....x.3.....[..}5...& k....|.m.1..fn....)T...;..GW.#>g5.A.J.pJQ.Qhu....Q.. .?..../!.k....}FX...ji...&.Y.......N...>....yE..........IA.V1.!.....`....b.M..&.......i...K.x.6.m....4|......W?x~F.......=...A3....h...."...Hr....k.C................O..........7.h..j..."M(...4xv.Y.t.........s.$....5.....B...V.J......v7H...b5..,...{...D...G.......-9...V..z.QK1....(h..a.MS...RR)i....n~.@.6.g1.........b.....2.E/n.......a...Ym.......}!u....RJ...p........{zO.o.iT-......C1k&mj.....9AS..f<...j.%..uG>p..KzW.e.....my.../......Q...>..Z..$.O.A/.X.[.aF...,]F.(...3.r.l%.....,.Y.B......lj..ot;1.6"C..:9u)................5..y...mm..Mk....W.....o.r.Z$...Q,q..m2.....*.$.z..3&..-..u...kEm...@zb.6...t.....Q..M..NBR.....~N..`C" '.;.Q.0..w.N....BM.I?3..<....6.E$.-.Z.:.jmLi..... .g.....n..)}..M.=..1m......;.!............Q..D.P......7...2D...U.....h.....5..F4....~aJ.m..!.z.W?$....f...^F..D`5..U[ti..j.. uk....@P.......d..M.}L.'{..*'......#..Y.....2."E.'.M...#P^0....AHe.a...w.....c....B...tC..8).MJ....... ..*.c.M(.;i..FE.%..(.\G..HX?."T.;.k...tc..84.0.WA....YAE1..;...n^Z..A.h......Y.A.m...'.~7d........m..S.7%....g.M!^...d..-].v..Pf..!...R;..-9!)a..3..K...I...............w,Cu.8..p'."$.@8.........{..oP.S....#.O...Y.V.#.F.i3W.{...R..m...L$8-s......&...?.J?..l........_0.....R....xg........wwk$..:.....Nv^'.....J..$.f..DmS.\..t.K8.......B0.'.[.....r...4..._P.O.#jA

<<< skipped >>>

GET /en_US/all.js HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: connect.facebook.net

Connection: Keep-Alive

HTTP/1.1 200 OK

Access-Control-Expose-Headers: X-FB-Content-MD5

x-fb-content-md5: a17fb71a1a0f9fe8f1ac75bd270cd266

ETag: "8cb6e5a3ee5717d0c084c670ee9114b2"

X-Frame-Options: DENY

timing-allow-origin: *

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data:;style-src data: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* hXXps://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com;

Cache-Control: public,max-age=1200,stale-while-revalidate=3600

X-XSS-Protection: 0

Content-Type: application/x-javascript; charset=utf-8

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=15552000; preload

Expires: Sun, 06 Nov 2016 12:21:30 GMT

Vary: Accept-Encoding

Content-Encoding: gzip

Content-MD5: WS13IM Y6i4YSFBWj58 Pw==

X-FB-Debug: W0GBFxyNJfAqCHR4yj mn7aEyJq8Cjkbs7f11Xahv7hMBK6EcBdhNG8MDUd5/PdrMcIa1yOOPlpQryhcX5Myrw==

Date: Sun, 06 Nov 2016 12:08:45 GMT

Connection: keep-alive

Content-Length: 58308

............{..8.0............./..............I...'....B..y...H.d.I..>....L...,.J..R].~..?}v|t..y........$N..Yg.&q.ts........ n.z....._.?...J?A...$..MK.E'h'...!.T....%..q.tK...LJ.^Pz5...#.x.....>Q:...Eo:.5....yUP.j2.>..vz...7.>.......k:. -.a.M......R.j....\.........?...T........._z/.WG.d.L.FA.^5K%.S..M....vZ..=.F...\S_..$..&qV..v....pYV.U..jGD...W....0...... .w.......`..Q...k...>k...G......?..x....(.i...I..U.UU.....".....z.4..t..:..N.L... .M.{,.. ...H.t.@L.JT...J...dR*..B....?/.>[...z.......O.<_.<...~.%a.....{f.|r.....o.D...>......z.......d.F0.M......6...S......h..R\J....d*.......{....$..U..j..p'].q.m....R.1I#.1..a..Xym_.8,.......;..... .3.EQ..D........R.....U.......U.kU..:..m........:k../.e....._.....:..i......So..W.TGb"....z...\...S..:..NE79.-.b..(.#8.8.....S..A....Z.~y..6`.n......?........S..T./..M...ws......uP......l....T8.0.. ._m..>b..86..........~..Ny....00...........a..H.6O$b.I..5..jB_8....P..|c.[.B.....S..ZC..y...KWa[....|......NL..C.U.~\.&.Y.Tp).q5.`,.5W..$.l.c../.U..8O..2.K...`6D.mS.&........M.F.W.U...U'...$.`...`..o..g..^..7.....o..u.....t..6Ar..i..G#.=.k.|.. ..6..t.}Qd.<.].@..o....%...Y8..V..,...e..i.......Q@.d.....l....."....#.<...d2M......)...;;..H?../...7. .........z.]P..^YT}..........$....4..S.</A.%@.R;..............t].......Jt.g.$.......&,X.O.Z3z.6#8..).O.^.w.]....%S.h.a...@..\.../...UA.....\..^....jA......-....!f.4...7..... 8Wfi.N..*..ox.......\..`.....PL.o..(....g.i...x.^..Z..k ..=P.\4.!G...p..] ^qG...z......R.....>...;.g...en.wY...;;y5..@..KO...(....

<<< skipped >>>

GET /imgs/social2search/favicon.ico HTTP/1.1

Accept: */*

Accept-Encoding: gzip, deflate

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434122; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dT|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:51 GMT

Server: Apache/2.4.7 (Ubuntu)

Last-Modified: Mon, 22 Feb 2016 16:43:16 GMT

ETag: "5a596-52c5e8791889d"

Accept-Ranges: bytes

Content-Length: 370070

Connection: close

Content-Type: image/vnd.microsoft.icon

Set-Cookie: APPSESSID=w20|WB8dV|WB8dS; path=/

Cache-control: private

............ .h...f... .... .........00.... ..%..v...@@.... .(B...;........ .(...F}........ .( ..n...(....... ..... .........................J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..I ..M1..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J-..........S8..J,..J,..J,..J,..J,..J,..I-.._H%.`I'.J...J,..I ..............K...J,..J,..J,..T8..Q6..........................^G'.........O2..J,..J,..J,..J,..R6..................................nX8.L...J,..J,..M...P/..Q0..............}c?..d>..d>.~d>.............Q0..O/..M-..V3..Y4..Z6...............gB.`8...vU...r.............]:..Y4..V3.._8..a9..tR"..................i?.yS..................~^2.a9.._8..g=..i>..{W#......................a..._)..............c3.i>..g=..nA..pB..rD........................q.wF..............uI..pB..nA..tD..wF..yG................S.{I..}J...l8.............yG..wF..tD..yG..|I...K...S...................................Z..~K..|I..yG..~J...L...M...Z...]...........................]...]...M...L..~J...L...N...O...Q...R...S...W...q-..r/..X...S...R...Q...P...N...L...N...O...Q...S...T...U...V...W...W...V...U...T...S...Q...O...N...O...P...R...T...U...V...W...X...X...W...W...U...T...R...P...O..................................................................(... ...@..... .........................O...K,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..K,..N...K,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..J,..E*..YB#.F ..J,.

<<< skipped >>>

GET /css/webfonts/F37F5_0.eot? HTTP/1.1

Accept: */*

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Origin: hXXp://VVV.technologieyvonlheureux.com

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434122; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dT|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:44 GMT

Server: Apache/2.4.7 (Ubuntu)

Last-Modified: Tue, 09 Feb 2016 18:41:20 GMT

ETag: "1025c-52b5aa9da82b9"

Accept-Ranges: bytes

Content-Length: 66140

Connection: close

Content-Type: application/vnd.ms-fontobject

\.................................LP................... .....3...........................&....V.e.r.s.i.o.n. .1...0.0.0.;.P.S. .1...1.0.;.h.o.t.c.o.n.v. .1...0...5.7.;.m.a.k.e.o.t.f...l.i.b.2...0...2.1.8.9.5.;.c.o.m...m.y.f.o.n.t.s...u.r.w...c.o.o.p.e.r...b.l.a.c.k.-.d...w.f.k.i.t.2...6.7.t.X......&C.o.o.p.e.r.B.l.a.D................`OS/2g......D...`cmap..u4........cvt .!.....H...6fpgm../........egasp.......@....glyf...... H....head...$.......6hhea...p...X...$hmtx$..#...|...Ploca...........4maxp.:.k....... name..W........@post:.p$........prep.. ...................................................3._.<......................W....................._.........X...K...X...^.~..............................UKWN.@. .....!...... .............. .....................&. .....~...S.a.x.~...... . . . " & 0 : .!"..... ...R.`.x.}...... . . . & 0 9 .!"...................p.H.G.F.E.B.9.3...h...............................................!.....W.^.............................M.......4.(...!.X. .X.!. ...e.....!...C.....X.^.X.<.,.......,.#.....X...X.(.X...X...X...X. .X...X...X...X...,.#.,.....!.X.<...!.........;..........."...............".......s...;...y...t...>...........................4...#.....................{...'...............M.7...y...................B.......d...q.......m...........Z...........................s.......Z...k.........#...........[.....4.(.X.M.X...X...X.........A.........{.........!...........2...!.X.<.............X...X...,.#.................................;...;...;...;...;...;...................

<<< skipped >>>

GET /installer/finish?v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:32 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=1puqibqvk9jug8kffdqrobj696; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341121831392; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434112; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:32 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w69|WB8dQ|WB8dQ; path=/

GET /css/min_fancybox.css?1.00401.0 HTTP/1.1

Accept: text/css

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:41 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Sun, 06 Nov 2016 14:08:41 GMT

Cache-Control: max-age=7200, public

Pragma: cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434121; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 1531

Connection: close

Content-Type: text/css;charset=UTF-8

Set-Cookie: APPSESSID=w20|WB8dT|WB8dS; path=/

Cache-control: private

...........Y.n.6....."..:.l.Y..b.v...>.C..J.l".).t....wH]L...u.....)...3...".<~...1.....\(...aJ7$.k..3....T...&z.N.|3_..X.b.a.....(p....'.J*!.\P....'"S&...&....DyB6.x...t.P.3..r..?.m.^B.vPq..[ib...V........q!..'.fxA..dW......J...@.,.....p..b.Xd.4[...J=..|qy.`4......m?4u..t.Y..qb...... .2!...E.J..M....!..X.5...b....n;$....Ek.=R..|H..V...=Q&^...<..J...O..[.W;..5......]D...q}$L.....3..4O..^... ...~.....^$H..R.3..86` -1W9.`...].1..d...L"........x.F..'.<..$9..CS...`2...J...o..V.pi..}O...5PG:.R.m,....N......e..7.WnM(z.%...6..i6.....v.......A^3B5......!.....xGbA.!.9.*.GL..nV.....Z2..-.Z.,t2..P...>t..W.~.{.z8b.?..4....M`.x.....EX6|_([.Os.,F4.m..g..X........lg2;v.....)..>.Y4.s..Gu.o.....3..K0...I(............w.].i....D..(..9.C...b.......z(.Yd..b......EOT. .....|.....1.-....a.......}.....D...Gz.~5.@L.t......=H......H.{.....~..j!....0.}..j.....^..r....5.'3..c.u.{.........t......T3R...%..l.c........7..:.7I.bR.......k.d{.-L*h.......].&.]..1.UQY.O&.nk7........[G..x........m.5..(..cN..*...r./_..[..N(w.......Jy0RJ.4.....I..>.T.......p.....q......0.CwX..4h..=[y:i.f.....MCbV..l.........GoK.x.h..-..(#j.0.....h..[.."........GT.:,<.....i.I~.c.f=..1..;.}.2p..R..&..X.$...?L`}3.R!..W.K.D.G.Y..v.O..hWJ....>..js........H>]*.....C..t.....O...!*.u.....v.RN.?/.Zi._...0'. .9)..u<...T|...w..rE.>G...;S....$...Zto.r.NZ?..g3...(....^R5*,..H.(f....u.O....G.A(.ik......D.v..D..j/..*..*.a.j..#.{../.....a....sk..6.=.a.$_..ixW.|a..........^.6./...k...Z... .o....-..R..f....f.....N..Z.D.......u..q..Dke...>..:5....

<<< skipped >>>

GET /css/webfonts/Lato-Black-webfont.eot? HTTP/1.1

Accept: */*

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Origin: hXXp://VVV.technologieyvonlheureux.com

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434122; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dT|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:44 GMT

Server: Apache/2.4.7 (Ubuntu)

Last-Modified: Tue, 09 Feb 2016 18:41:20 GMT

ETag: "8832-52b5aa9daa1fb"

Accept-Ranges: bytes

Content-Length: 34866

Connection: close

Content-Type: application/vnd.ms-fontobject

2...`.............................LP....J`.@........... ....T.os....................L.a.t.o.....B.l.a.c.k...H.V.e.r.s.i.o.n. .1...0.1.0.;. .W.e.s.t.e.r.n. .c.h.a.r.a.c.t.e.r. .s.e.t.....L.a.t.o. .B.l.a.c.k.................FFTMZps2........GDEF.......(... OS/2...I...H...`cmap.R.i........cvt ...\...|...Ffpgm../........egasp.......,....glyf...2...8..x.head...........6hhea.1.#...@...$hmtx p ....d..."loca.u0`........maxp........... name7.O........ppostlO.....,....prep^..y... ...@.................8.'.....8. ...................................'.........3.......3........................@.`J........tyPL. . ...q.q...... ........%..... .....................................(. .....~............ . . . . " & / _ .!"......... ............ . . . . " & / _ .!".....................j.e.b.`.\.Y.Q."...a ................................................................................................................ !"#$%&'()* ,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`a...................................cd.~..hf.i........e.....................b.....xy|}z{.................................................%.......=...............:...J. ...1.R.../.A.4.L.D.........#..........,...K.*PX.JvY..#?... X=YK.*PX}Y ......-.., ... -..,KRXE#Y!-..,i. .@PX!.@Y-..,.. X!#!zX...Y.KRXX...Y.#!.. X.FvYX...YYY.-..,.\Z-..,."..PX. .\\...Y-..,.$..PX.@.\\...Y-..,.. 9/-.., }.. X...Y ..%I# ..&J..PX.e.a ..PX8.!!Y...a ..RX8.!!YY.-..,.. X!...!Y-.., ... -.., /.. \X G#Faj X db8.!!Y.!Y-..,.. 9/ . G.Fa#. .#J..PX#..RX.@8.!Y.#..PX.@e8.!YY-..,.. X=..!!. ..

<<< skipped >>>

GET /MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6kg== HTTP/1.1

Cache-Control: max-age = 564348

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Wed, 12 Oct 2016 22:33:53 GMT

User-Agent: Microsoft-CryptoAPI/6.1

Host: g.symcd.com

HTTP/1.1 200 OK

Server: nginx/1.4.7

Content-Type: application/ocsp-response

Content-Length: 1362

content-transfer-encoding: binary

Cache-Control: max-age=593013, public, no-transform, must-revalidate

Last-Modified: Sun, 6 Nov 2016 08:48:44 GMT

Expires: Sun, 13 Nov 2016 08:48:44 GMT

Date: Sun, 06 Nov 2016 12:08:43 GMT

Connection: keep-alive

0..N......G0..C.. .....0.....40..00.......j.#.p.e$.\ps.*.. .j..20161106084844Z0f0d0<0... ..........9.....yP..`...<.......*.A.....>U....... ...:.....20161106084844Z....20161113084844Z0...*.H....................?....@~...r[...0}..r.lg..........Y.....9F3.DOzk..}.B..'.....)......e"J~].G.a.......1.g.' .......w..f,.J.D...#..E....=6{....!9....t!.T.y....2NT.9.h.S.......N...f...... .a.....5X......10....L..@.Q.A.1....mq.@.....b...D...K...v,AiX..1....5F=..X.....2U.....0...0..|0..d........:.0...*.H........0B1.0...U....US1.0...U....GeoTrust Inc.1.0...U....GeoTrust Global CA0...151203170230Z..161214170230Z02100...U...'GeoTrust Global CA TGV OCSP Responder 40.."0...*.H.............0.........[.c.#zj......RME.....,......(..U......!-.l..R..E.~..%."./8mv..D...*...Rx........mw.~2..Q5T\.H...Wk*..a.z.$._..T......;T.S.r(._*.G....^.P.!.3..t.......s......P....C._.g.b.oK...EV..>...>.|.o.~quo.............v4..Tt....Q.]A.Y......... w.E..=.%.n7.......{" *C........0..0...U.#..0....z.h.....d..}.}e...N0... .....0......0...U.%..0... .......0...U...........0...U.......0.0 ..U....0...0.1.0...U....TGV-C-670...*.H...............aEc<..'R......]C.ri.Zm.....|..B.$..76..h....l...Xbxua...C.X.S....~K..A..._.T@$.....9(.... ......\.*.....5.b.x...[QM.._9P.=..l...gf..L.?..3 ......Z....._...20R;...x.......C..0....l.G.A..5TS>d.U......w.(\....v..9.z7.....J..;..'...u.Y...BB.@.2u.e..eW..J.U....

<<< skipped >>>

GET /js/min_signup_page.js?1.00401.0 HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:42 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Sun, 06 Nov 2016 14:08:42 GMT

Cache-Control: max-age=7200, public

Pragma: cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434122; expires=Mon, 06-Nov-2017 12:08:42 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:42 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 333

Connection: close

Content-Type: application/javascript

Set-Cookie: APPSESSID=w20|WB8dT|WB8dS; path=/

Cache-control: private

.............j.1...-......%ji.T.....>..8...&K2Q...M6...^y....d2...._.......r......h.g_.w..g.R*X..YH....X.-.bH;$..[f.P...;X.kk.....6j..(.V*. N.c..r... ..H..c...XZ.s`E.... `..]J../."cS....C..v.....<.Rc#.....i.?..O..;gBO.....!._..2,.....J...'V.u..W..\<.6.E..........5..>.E...0 .>.;;u.....l.....};>....~5. ..g6...7_q..O...9.\1..o....o.....

GET /dc.js HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: stats.g.doubleclick.net

Connection: Keep-Alive

HTTP/1.1 200 OK

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload

Date: Sun, 06 Nov 2016 11:06:28 GMT

Expires: Sun, 06 Nov 2016 13:06:28 GMT

Last-Modified: Wed, 28 Sep 2016 20:19:01 GMT

X-Content-Type-Options: nosniff

Content-Type: text/javascript

Vary: Accept-Encoding

Content-Encoding: gzip

Server: Golfe2

Content-Length: 15977

Age: 3736

Cache-Control: public, max-age=7200

...........}kW....w~........pk..f......Z.R..Y.C 8i.pi......b..}.>g..Kl...}4....d....O...-.....`~...E...]7..>..>....Pf.a.yU."HCC...i...T*..b.....'..Olf[.Y.[c6P/.....'n.m'..m.... !_XXll..&..(..E..V=/.u.X..%.w...i..rDoT.....?>z..1`.D...y...y7. \...5ZI...TA..........C...p3..A..x.k.q4.2...?L.k=.v....4.:sB[...l.w.o {.....?Nc....|..........q.........[.n..2..X~.......S.f.]h~....7:.n...m.C#6...........#....y...7.|..f.W.>..wS......)..Q....i......z......D.`...7N....y.C;....`1....x..p.tG.L..=..1r...M..2..)xa...{0!..5...^...7..."..........J8... ...5.O....l...r...|....R...P.0ok.8.Z.2....i|...S.y.od...~..k.>.....0vGr.mI.....0.&&yg.sf2......m.....G=0..B.6..u....A.h.A.0.V.:.-...j..L.....5.E.[...Q.{2imA......T........~. ...0*%.....>......hX...ga1./$......f.#..d,.|www5/XX...c5..D-.....p.h..8D.@./.X,.....&gTV..5..,.x..?.....(.>?6Sy.].`.]...'-"....-...........(.n.@_"p"`.*...T.1.$..t.....o?.."../.kX.)L.....-.....E1M.....@..T.F9.,HP........# ....d...-,.......-.j..BS....9...%.~Sug,...`."...4a..@.p]..yn.i(5.....U.r..$j..0{|.i.5........H}.......A=..&.Vq....4<..*7c.<b.....OQ8X...&..a/a.....aI.j.7.E.:cuV=.P.q..d.....X....#..@.T...q......U.T~.@.C......S.#....Q.....K......A.y._....z|..9...9.zM......%m........m).?4.Q...c.....PTDB&..7.-G....E.....E.7.t.V..G....._..!.....xt..}.......Ev..x..a.{...d.. .q./..OB|..6..{....a^.......@?.......o.....*T.;/Oa.......J..........I.)......J..#..A....FS.....t.H..h...W..|B.~..t.6..........t"<..z..||.......8..B9......x.a....m.V[.=...K!..\.....w."d...=>.B..(K...u.....~.".@b

<<< skipped >>>

GET /signup?aid=3673&inline=0&afr=0 HTTP/1.1

Accept: text/html, application/xhtml xml, */*

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:40 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434120; expires=Mon, 06-Nov-2017 12:08:40 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:40 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:40 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 1996

Connection: close

Content-Type: text/html; charset=utf-8

...........X{o.8......X..v..d'..e.h.(....%.........."U..-\..oHI~5... .-.....3..>......).....z...S.t.......l6.f..TI.=88.... ......L. .P.p<....r*....#..1..=...M.....r........u$>|.....Ka@.....#Q.....MhE9"..*..............2A.kz..&Br.0(.R.....y...#.A........;.@U4... 9.3.%...&.KE..@/,..:....i.V....J.5..t.Xf.. ..bBE......PN..(.v...L.............X.~J.*b...V..v..P..OS .&L..W....d..|%.;..vk.=@1.*. .=.Y{C...M..6..M...-.Gh....m.J.....^...0..-.%..q...F.&g4....5.#..ML .4.....f.}3.0..1H...}.|.2.@.'(.:.F..H.._..c.9...7,..S.f......'............b.......t.7...w.......o..\..|.3.3......'R.(7.E..L.....u.................XJ...~y....^...$...:(....6..H.wc.2^...J..P3.u..........t:^%.)8..3j......~....._.).........qE.e..n..)-W.\.).....!.|.I.4!...s.j.....Q.~-...4R7.*.L.a...\q..Z.....^K. ....P.!........r@.^X.......E...t.iL..r6.....T.v...1H.@..u.N.M.?........2....V.~.^.u...b..f....x.X......^.h.a....C.{...4KD..3L......U...i....t.T).. B.6....j......F.lw.V.^..r.K.-L.=^u=...-a@@...HH...J@.[6&...Srp7X.o.9...[u.......wk(..w.Q9..4...9d..8u.S.....\^.?....x.^.":...c/2.....ay......V,...{..(.}..8...............m.4fx..Y...p.c..k.}...V..@...C..........v..w.v....I&...fWK.2d..4...._].47.r.-| %l...e.g..|.......o.].o..V.QqX..gya../h$...ke{..d...n.C...G...i.I..{..........m.m?F~".V..`.dOlT..>q.=.rv.q...Y.=B.E&z...:e0..Z..v.4E....". ....[.Y...}.d.....7,.t....ye7...9. .f..4I..Q.9....!...#...j....>o._.6.].....G."...@....k.k".2zU...*E....&..K.n;wGD..UH....c.....0....6..j..[........7.qA"N5......Z..!..FI.1.3..#k.%v..[.....)aq...|......TmT..i.@.E....7..

<<< skipped >>>

GET /installer/progress?section=7.0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:28 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=d07ar9u04vrn17cocnmdc481g2; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341086100816; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434108; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:28 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w28|WB8dP|WB8dP; path=/

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEATh56TcXPLzbcArQrhdFZ8= HTTP/1.1

Cache-Control: max-age = 511667

Connection: Keep-Alive

Accept: */*

If-Modified-Since: Thu, 13 Oct 2016 04:57:34 GMT

If-None-Match: "57ff143e-1d7"

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=499258

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581eb58e-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT

Server: ECS (vie/F2D5)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8..HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=499258..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581eb58e-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:46:06 GMT..Server: ECS (vie/F2D5)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0.......>.i...G...&....cd ...20161105210000Z0s0q0I0... ............(..A...B..G@B.X....>.i...G...&....cd ........\..m. B.]......20161105210000Z....20161112210000Z0...*.H.............:u.....)(........'....@WHh.B..6Ex.!K^..}H.1..r..0.Ds.6[..[.j.....M.{q,.>p.v...'Q........c.9|Z..j2..!.,z.. ..yG.L..k3.I...Y..p.7...ZFg:.. 1...0&\......D).re@l.I.9R.0...O..$.aS.:]~*..KxP.2,0..D....M.#N......aF...CZ*..xt/.....B..{...~i.yeA..;..{..EMoB>...W8......

<<< skipped >>>

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTPJvUY+sl+j4yzQuAcL2oQno5fCgQUUWj/kK8CB3U8zNllZGKiErhZcjsCEA7LCTmysQFUuJVwx7Irekc= HTTP/1.1

Connection: Keep-Alive

Accept: */*

User-Agent: Microsoft-CryptoAPI/6.1

Host: ocsp.digicert.com

HTTP/1.1 200 OK

Accept-Ranges: bytes

Cache-Control: max-age=496111

Content-Type: application/ocsp-response

Date: Sun, 06 Nov 2016 12:08:50 GMT

Etag: "581ead2c-1d7"

Expires: Sun, 13 Nov 2016 00:08:50 GMT

Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT

Server: ECS (vie/F2BA)

X-Cache: HIT

Content-Length: 471

0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y.HTTP/1.1 200 OK..Accept-Ranges: bytes..Cache-Control: max-age=496111..Content-Type: application/ocsp-response..Date: Sun, 06 Nov 2016 12:08:50 GMT..Etag: "581ead2c-1d7"..Expires: Sun, 13 Nov 2016 00:08:50 GMT..Last-Modified: Sun, 06 Nov 2016 04:10:20 GMT..Server: ECS (vie/F2BA)..X-Cache: HIT..Content-Length: 471..0..........0..... .....0......0...0......Qh.....u<..edb...Yr;..20161106033900Z0s0q0I0... .........&....~...B../j..._...Qh.....u<..edb...Yr;.....9...T..p.. zG....20161106033900Z....20161113025400Z0...*.H..............0<.F...PlF....ly@?...r5..J.bYwT.F.|.)... ..-D..9%. #.k..9A?)..F.mxP.q.r-....t...^......6c.F/..cz..3G),sR. k.x..1.o..?...a.r.........)....`.... .P......6.....E..i%N.j...lw.j.l:..`C..#R..`8.....BQud...@...1...J.mT..6..I.@..C?....4$.. q...|...7.5...w..a...y...

<<< skipped >>>

GET /css/min_general.css?1.00401.0 HTTP/1.1

Accept: text/css

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cookie: _wau=14784341069875129; _wal=1478434120; not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; _waab=37,22,71,50,81,44,51,39,61,34; PHPSESSID=rlivefmasanafnoloud4mvv1v1; APPSESSID=w20|WB8dS|WB8dS

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:41 GMT

Server: Apache/2.4.7 (Ubuntu)

Expires: Sun, 06 Nov 2016 14:08:41 GMT

Cache-Control: max-age=7200, public

Pragma: cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wal=1478434121; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:41 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 18549

Connection: close

Content-Type: text/css;charset=UTF-8

Set-Cookie: APPSESSID=w20|WB8dT|WB8dS; path=/

Cache-control: private

...........}...H...h.0\.H2/IT&zf..............(.J.M.,.r.....xq...C.T.gm..DF..^D...k. .C58.....{.)..q|_..y...q.*v.V...l.].......>...F.7...).;..7o.....6.*}.........d..<ysw<.ny;....*]m.E^.g..O.>...Cz.,.|...iw...T...<Y}..g...H..../7Y..>.y;...]R}.&.-..:]..2.W_.......{(6....y).U.aW.Sz...?..<.&..7o.ZQ`.s.|C...h..v...9.g.[..L..l.O.-..:=.zO.b.e..>..e.......j.m....n..6.n..6.n'..tX..y.......ayH..0Y...du(._vC......U.N..4..7.a..f.....5.]...a..O.0...,.....B..y.$U..>...U....*).... ..jS......y. _..z...lE.&.....2...=..!.O.C......S9.'d.d..n....}s...............Uw.Rh5.GINN..erL.l.>i.I.$....1..1.M[.v...tr...<.rK.......=...o..Y.>..zd}...<O.cz{L...T)...,....IN,..c.~..P.tS..?.......B.w..H..>..7vO%..5..hs....<}...v..eN...&...........4Ov...7....G........WO..`..1.....X....... ..._O..Kq......f....o.t.....![W[X{...T>"t........MQ.C....L9m.'.m>.s..Jaf..d.....m...5^f..e.YE..h..;.P..wyZUhAG.....:].d....i....q...M.......n.....25..!.1.d.yv$.R}.9........[..l..,-.{.,.-F#r.5.....O.G.(..Y..y...*.r....O...]...Lw....w..k.B...Z.<m.gd..i.....o.F...&.&t6..d]<.....V`H6......P%..^g.2..hkyN...Ye.X..G...t.......H.m..>....!..W..t..v.pa@.p...SHz. .Wt6'.X..M>%.).:.{hL.._....N.8k........|.D.....8o@O..@v.9........ [....*v.|.FK.....aY|24..Cm.....U.8[.r....'z[.?..k.c'......c...d....RA.0.zS......DG?...........5.....v.O..>...9%...=.K...R.V..$.Y:...o....i.&..:.....s.iL.3.......@..^...d.r..|j.?}?.1|........).&..6..f 5.7.Xbo.v.$....w...i....D.)q..L}b.J.8...EUo..#,.<....M4.:J..........%....~....h...*..

<<< skipped >>>

GET /ajax/libs/jquery/1.7/jquery.min.js?1.00401.0 HTTP/1.1

Accept: application/javascript, */*;q=0.8

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: ajax.googleapis.com

Connection: Keep-Alive

HTTP/1.1 200 OK

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Type: text/javascript; charset=UTF-8

Access-Control-Allow-Origin: *

Timing-Allow-Origin: *

Date: Tue, 25 Oct 2016 05:15:53 GMT

Expires: Wed, 25 Oct 2017 05:15:53 GMT

Last-Modified: Fri, 16 Oct 2015 18:27:31 GMT

X-Content-Type-Options: nosniff

Server: sffe

Content-Length: 33622

X-XSS-Protection: 1; mode=block

Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000

Age: 1061568

...............F.?...).hM...H.l....qeYn...Xr.=,..\$..%.u.E......m|#2...,.g....H$... ..>o....6.|<....o..g..x......<.6...H..6?{.._..v......U.<.........|w.Y..;...b....p..qg......y.E.>.;Y>.o......~.w..&_....uy([.E...o..a<.....Y...d.}TY4.. .....^....|.._.I..(.....e.v=.?zA?.l......>5..x..2..{......~..7.|...].f./h\.W.7."....t....M.o"z./...?.y1...^..=...b.Q{._ ...-.Wi:H.....rgW`./K.\..\..._*.w.7....qg{.^.6;Z..oi.....E.w..g..b...ibm.....j/1.y'...X.,.Ce.1W@..D2...W5S...te].t..WQ~........t..i.x..;y.N.t.I.....?.....-`.......G[5.M..(..A.t.t.E..Q..m.h.....|u.......~..-.Z....>.m>..^..gq.......>..4..."..........|......>..lh....iSc.f.[...I...?Lh.....L...*..|s~...[..J.q........hK..xP.5U...y....j.n.l....Z..Z.u.......?.*..v.O....e.7..bI..M..7..6....gS:>...XN<.[>.vv.oV...u...]r>.NGA...p........s/....|Nx...-.;?....q.......Q.(..Ftj..s.p..e...........Y......Og....M.......W......#i..[.. *]...j.z.e.....f..VA?.3ss.........9..fC.{...d.[..xC..k/....!X.^.w.[....l.6.h9X.i...........c@.......@.[5.....6.v."..U...-..[. T`.&.....p2,F#...6...r...."<3-.;?P..QB.L....$.F..3.w?....cB...Gv....bU...<......s.......DP:.K..0kL51..5.E..P.h...D.....k..)^....n.x.&*..,........^.*...bfqD6.......,&.....{.........%%.J..c..'_.L.*f.}..h.........#o....$..G...'Bv.|.R...P.Q../1C.V&.l.9.....7%.e...Y=.t...:..^.g...|..........5.n.{.n.-COi...QK....o....>PO..s.../......o..............4Dc...l..I4A.j2....0.#x.'.n=5.....qa..L..}..<.~q5................N..7a^.h-.>..G.y...3..&.@..r.s.<.........G..W.Q.*...;.....*.

<<< skipped >>>

GET /installer/start?v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:04 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=sb30ufbssqerpn069qsljfldf1; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784340844690433; expires=Mon, 06-Nov-2017 12:08:04 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434084; expires=Mon, 06-Nov-2017 12:08:04 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:04 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:04 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w26|WB8dJ|WB8dJ; path=/

GET /connect/xd_arbiter/r/fTmIQU3LxvB.js?version=42 HTTP/1.1

Accept: text/html, application/xhtml xml, */*

Referer: hXXp://VVV.technologieyvonlheureux.com/signup?aid=3673&inline=0&afr=0

Accept-Language: en-US

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Accept-Encoding: gzip, deflate

Host: staticxx.facebook.com

Connection: Keep-Alive

HTTP/1.1 200 OK

Expires: Sat, 04 Nov 2017 21:55:06 GMT

Strict-Transport-Security: max-age=15552000; preload

Cache-Control: public,max-age=31536000,immutable

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data:;style-src data: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* hXXps://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com;

Content-Type: text/html; charset=utf-8

X-Content-Type-Options: nosniff

X-XSS-Protection: 0

Vary: Accept-Encoding

Content-Encoding: gzip

X-FB-Debug: NOFfziK/Z 3Hc6pFjPrQIcxs05h62zzPT CBRjMm 7EsvDNwhAgxHQGuEsp/8YUEar3M/3Z7A0Ta7cFDLNxzmQ==

Date: Sun, 06 Nov 2016 12:08:46 GMT

Connection: keep-alive

Content-Length: 11595

...........}i{.H.....X.-..u.....5.*WO.[.VU......@"....l.......$H..g.y.yz,.32"2....'.?....... _F.C....|..yD....:I..^.I...N.$...4..,.gZ@..M...z..}.....37.W.....%....;....Q.n....i..8..t9.c7Z{4.V..A..'.iJ6m?M.f.h.....$6...V...u..y.&.ZLo.....L.$5.......f....T[.....z.9.!...$.1 .qob.......<.3..| ......O|..f.$.m...H.=R...aNS.'i_.._..^y.fr..2...r:.'....Zsk.X...\6.. r<...'l..........aD..ciG.....i..bjn...}C.5..g..v..."...Vh...pb..-.7x..#......)..i....8SlSQ............v......86...X.^...0F.(....6........F.o.^..8'.Wi.'.u;O..)l.>91a......d..L....t.........v.....D.Ys`).cr.....C]......N...(.i0....Cs..'*....J...$..r...C5..].O.;.!.."..~~...>7...h>...Y.e...G.g..lb.,j...3I.S.aI.....;Pc;.0....T.....'..q%.....L...68..H.k.t2P..:.@t.PY........xUbS.S....H...ci`....{...%.3hkfu.>..c....."..v.. #..q..=..0..0.......s.......Vk. ...>.L.T...........r.j..a..p...../.b.z.HLj.......kw.@..j...l.O.#.N.x4Mj..........b.(...G.d0r...........Jf.....oy......<C.........80....:..Z3..3..=c..v4........mqV).....$.$n..(Q^[.........F.f..d...Q...Us.tm..p.A[.[......@....W.,@DK.E.uhq...R..J..Kc4.lw..R.K..f. .6..\.q.l.'..f......".'.7$'.)...W.%K..8,.....Kc..,...BTS........9.........>.S~..1.....8..d.f.1.3.iA.U...0"Y.t.G...w..D-2...3..4....V.*..|.m6I...pjH....Ic.......n..W...E5....\.,...:.....E....]........@..vpnwGA.vZ.`!..X3.NO......I...A.H..'......gi^\.V....i............S.\d...k9C.CsVQ.l......V @.....}..?..x.9j..E.%..... .g....q..g65...*....M\t=.D.3....Y...F...m...n H..$.....Zf.(.>.. ?B.V..4E|.........G.n..(..^:4....v.!.Vy.C....%c.\o6e.

<<< skipped >>>

GET /ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih+ZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCB2zJf1Xylv2 HTTP/1.1

Connection: Keep-Alive

Accept: */*

User-Agent: Microsoft-CryptoAPI/6.1

Host: clients1.google.com

HTTP/1.1 200 OK

Content-Type: application/ocsp-response

Date: Fri, 04 Nov 2016 10:35:29 GMT

Expires: Tue, 08 Nov 2016 10:35:29 GMT

Server: ocsp_responder

Content-Length: 463

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

Age: 178394

Cache-Control: public, max-age=345600

0..........0..... .....0......0...0......J......h.v....b..Z./..20161104010148Z0k0i0A0... ..........j.....p.I.#z...(~d..J......h.v....b..Z./....%.W.[.....20161104010148Z....20161111010148Z0...*.H.............P............-9..K.......}...Ad{N..K...ddlbi..C8.._:..K......O29..:..........r.....w[.."m...y"-.B..'..Z#..1.o.^*JzAz.)..V...?...79&Z...0....l<...$..o.f.-....(...P.I..U..|.....!2^ .f..m..8K.2dHQ...?.y......a...JK.b..!...XA.$0..X...M._..t....h...E.?.<.Op....HTTP/1.1 200 OK..Content-Type: application/ocsp-response..Date: Fri, 04 Nov 2016 10:35:29 GMT..Expires: Tue, 08 Nov 2016 10:35:29 GMT..Server: ocsp_responder..Content-Length: 463..X-XSS-Protection: 1; mode=block..X-Frame-Options: SAMEORIGIN..Age: 178394..Cache-Control: public, max-age=345600..0..........0..... .....0......0...0......J......h.v....b..Z./..20161104010148Z0k0i0A0... ..........j.....p.I.#z...(~d..J......h.v....b..Z./....%.W.[.....20161104010148Z....20161111010148Z0...*.H.............P............-9..K.......}...Ad{N..K...ddlbi..C8.._:..K......O29..:..........r.....w[.."m...y"-.B..'..Z#..1.o.^*JzAz.)..V...?...79&Z...0....l<...$..o.f.-....(...P.I..U..|.....!2^ .f..m..8K.2dHQ...?.y......a...JK.b..!...XA.$0..X...M._..t....h...E.?.<.Op......

GET /installer/progress?section=4.0&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6 HTTP/1.1

User-Agent: NSIS_Inetc (Mozilla)

Host: VVV.technologieyvonlheureux.com

Connection: Keep-Alive

Cache-Control: no-cache

HTTP/1.1 200 OK

Date: Sun, 06 Nov 2016 12:08:21 GMT

Server: Apache/2.4.7 (Ubuntu)

Set-Cookie: PHPSESSID=bs0m4ij9jv9hskjmh7m4irlt76; path=/; domain=.technologieyvonlheureux.com

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate

Pragma: no-cache

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Set-Cookie: _wau=14784341012219988; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _wal=1478434101; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: not_logged_unique_id=47936C0FEA50B790BD59E50713FEF01C; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Set-Cookie: _waab=37,22,71,50,81,44,51,39,61,34; expires=Mon, 06-Nov-2017 12:08:21 GMT; Max-Age=31536000; path=/; domain=.technologieyvonlheureux.com

Content-Length: 0

Connection: close

Content-Type: text/html; charset=utf-8

Set-Cookie: APPSESSID=w14|WB8dO|WB8dO; path=/

x%c

x%c

RegDeleteKeyExA

RegDeleteKeyExA

sers\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

sers\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

02&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

02&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

firstrun=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

firstrun=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp

AC76BA86-7AD7-1033-7B44-A93000000001}

AC76BA86-7AD7-1033-7B44-A93000000001}

run=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

run=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

q*R.bl_

q*R.bl_

e.XM.

e.XM.

$X.Zp

$X.Zp

X:\7|E

X:\7|E

.dJb& &:pa

.dJb& &:pa

.Aakr

.Aakr

%5X*/

%5X*/

MJ.Qm

MJ.Qm

;#;(;-;2;;;

;#;(;-;2;;;

: :%:3:<:>

: :%:3:<:>

: :$:(:,:0:4:8:<:>

: :$:(:,:0:4:8:<:>

5"64686

5"64686

= =$=(=,=0=4=8=

= =$=(=,=0=4=8=

= =$=(=,=0=4=8=

= =$=(=,=0=4=8=

3"3,363@3

3"3,363@3

= =(=0=8=

= =(=0=8=

1 1$1(1,10141

1 1$1(1,10141

:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

p?firstrun=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

p?firstrun=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsiFCFE.tmp

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsiFCFE.tmp

nsiFCFE.tmp

nsiFCFE.tmp

File: skipped: "C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll" (overwriteflag=1)

File: skipped: "C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nsn66FD.tmp\inetc.dll" (overwriteflag=1)

D.tmp\inetc.dll"

D.tmp\inetc.dll"

902d1298b7313b2bf0050dd40.ico,0, sw=0, hk=0

902d1298b7313b2bf0050dd40.ico,0, sw=0, hk=0

\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

\AppData\Local\Temp\nsn66FD.tmp\inetc.dll

Windows\815346a4778321839cef8ab48bf110e2.exe

Windows\815346a4778321839cef8ab48bf110e2.exe

Adobe Reader 9.3.4

Adobe Reader 9.3.4

.NET Framework 4 Client Profile (KB2656405)

.NET Framework 4 Client Profile (KB2656405)

gram Files\Internet Explorer\iexplore.exe

gram Files\Internet Explorer\iexplore.exe

:\Program Files\Internet Explorer\iexplore.exe

:\Program Files\Internet Explorer\iexplore.exe

c:\%original file name%.exe

c:\%original file name%.exe

%Program Files%\be105bbb97d93cef6c0d6cf170a32291\5fc72d63d5eb71c8dff05712551a63cb

%Program Files%\be105bbb97d93cef6c0d6cf170a32291\5fc72d63d5eb71c8dff05712551a63cb

%original file name%.exe

%original file name%.exe

ers\"%CurrentUserName%"\AppData\Local\Temp\nsd5EB3.tmp

ers\"%CurrentUserName%"\AppData\Local\Temp\nsd5EB3.tmp

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\

269092128

269092128

1478434084

1478434084

%Program Files%\Internet Explorer\iexplore.exe

%Program Files%\Internet Explorer\iexplore.exe

%Program Files%\be105bbb97d93cef6c0d6cf170a32291

%Program Files%\be105bbb97d93cef6c0d6cf170a32291

88dcd395-b062-45b3-a6cd-79f37c0eba08

88dcd395-b062-45b3-a6cd-79f37c0eba08

hXXp://VVV.technologieyvonlheureux.com/web/log

hXXp://VVV.technologieyvonlheureux.com/web/log

hXXp://VVV.technologieyvonlheureux.com/web/log?evt=10002&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

hXXp://VVV.technologieyvonlheureux.com/web/log?evt=10002&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

IE.HTTP

IE.HTTP

"%Program Files%\Internet Explorer\iexplore.exe" -nohome

"%Program Files%\Internet Explorer\iexplore.exe" -nohome

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nss92DE.tmp

C:\Users\"%CurrentUserName%"\AppData\Local\Temp\nss92DE.tmp

0728832

0728832

twitter.ico

twitter.ico

03967CDD-F8BD-4AC9-8369-0D2BD8F246F5}

03967CDD-F8BD-4AC9-8369-0D2BD8F246F5}

6.1.7600.16385 (win7_rtm.090713-1255)

6.1.7600.16385 (win7_rtm.090713-1255)

C:\ProgramData\Microsoft\Windows\Start Menu\Programs

C:\ProgramData\Microsoft\Windows\Start Menu\Programs

815346a4778321839cef8ab48bf110e2.exe

815346a4778321839cef8ab48bf110e2.exe

dd4e70c902d1298b7313b2bf0050dd40.ico

dd4e70c902d1298b7313b2bf0050dd40.ico

bc5601ccb5de9f6cb8cd31285eef3bbe.ico

bc5601ccb5de9f6cb8cd31285eef3bbe.ico

ffdefbf88c95cae97a1671206e9fe39e.ico

ffdefbf88c95cae97a1671206e9fe39e.ico

-2046754816

-2046754816

-2147410511

-2147410511

61fda4ee77910796d32333421184d8b6.exe

61fda4ee77910796d32333421184d8b6.exe

3514ea1003608a0c7fb4630ce20fd94c.exe

3514ea1003608a0c7fb4630ce20fd94c.exe

ce1c22c865645f1f8a89a398e374a17f.exe

ce1c22c865645f1f8a89a398e374a17f.exe

fe31ca0af645687ee3c5b1da57895877.exe

fe31ca0af645687ee3c5b1da57895877.exe

c850ebe35760d7b12fc1318953221f59.exe

c850ebe35760d7b12fc1318953221f59.exe

525bac57de7cb6660b9a54b1a6b27dc9.exe

525bac57de7cb6660b9a54b1a6b27dc9.exe

C:\Windows\815346a4778321839cef8ab48bf110e2.exe

C:\Windows\815346a4778321839cef8ab48bf110e2.exe

hXXp://VVV.technologieyvonlheureux.com/index.php?firstrun=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

hXXp://VVV.technologieyvonlheureux.com/index.php?firstrun=1&lp=1&v=d9.75.1.48&tv=1.0-10000&unique_id=47936C0FEA50B790BD59E50713FEF01C&mid=9c331592e812c97b86f3693753f893e6&aid=3673&aid2=none&ts=1478434084&ts2=&brw=iexplore&mi=1&ma=6

)-.Yln

)-.Yln

Nullsoft Install System v19-Mar-2012.cvs

Nullsoft Install System v19-Mar-2012.cvs

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear\Uninstall Social2Search\uninstall.lnk

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear\Uninstall Social2Search\uninstall.lnk

lorer\iexplore.exe" -nohome

lorer\iexplore.exe" -nohome

er 9.3.4

er 9.3.4

%original file name%.exe_2472_rwx_10004000_00001000:

callback%d

callback%d

61fda4ee77910796d32333421184d8b6.exe_656:

.text

.text

`.rdata

`.rdata

.xdata

.xdata

@.rsrc

@.rsrc

@.reloc

@.reloc

zcÁ

zcÁ

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

function not supported

function not supported

operation canceled

operation canceled

address_family_not_supported

address_family_not_supported

operation_in_progress

operation_in_progress

operation_not_supported

operation_not_supported

protocol_not_supported

protocol_not_supported

operation_would_block

operation_would_block

address family not supported

address family not supported

broken pipe

broken pipe

inappropriate io control operation

inappropriate io control operation

not supported

not supported

operation in progress

operation in progress

operation not permitted

operation not permitted

operation not supported

operation not supported

operation would block

operation would block

protocol not supported

protocol not supported

Operation not permitted

Operation not permitted

Inappropriate I/O control operation

Inappropriate I/O control operation

Broken pipe

Broken pipe

operator

operator

GetProcessWindowStation

GetProcessWindowStation

4#

4#

$!=820%4

$!=820%4

FVAEPYKD.pdb

FVAEPYKD.pdb

NtDelayExecution

NtDelayExecution

KERNEL32.dll

KERNEL32.dll

USER32.dll

USER32.dll

RegOpenKeyExW

RegOpenKeyExW

RegCloseKey

RegCloseKey

ADVAPI32.dll

ADVAPI32.dll

SHDeleteKeyW

SHDeleteKeyW

SHLWAPI.dll

SHLWAPI.dll

CreateNamedPipeW

CreateNamedPipeW

GetWindowsDirectoryW

GetWindowsDirectoryW

GetProcessHeap

GetProcessHeap

GetCPInfo

GetCPInfo

RegOpenKeyW

RegOpenKeyW

RegCreateKeyW

RegCreateKeyW

ole32.dll

ole32.dll

405;6{6(8

405;6{6(8

1a2%4s4

1a2%4s4

: :$:(:,:0:4:8:

: :$:(:,:0:4:8:

;";=;`;{;

;";=;`;{;

4989

4989

1 1(10181@1

1 1(10181@1

ADVAPI32.DLL

ADVAPI32.DLL

- floating point support not loaded

- floating point support not loaded

- CRT not initialized

- CRT not initialized

- Attempt to initialize the CRT more than once.

- Attempt to initialize the CRT more than once.

USER32.DLL

USER32.DLL

ntdll.dll

ntdll.dll

kernel32.dll

kernel32.dll

mscoree.dll

mscoree.dll

%Program Files%\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

%Program Files%\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

wajam.dll

wajam.dll

\\.\pipe\

\\.\pipe\

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

9.75.1.48

9.75.1.48

61fda4ee77910796d32333421184d8b6.exe_656_rwx_010EA000_00002000:

zcÁ

zcÁ

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

61fda4ee77910796d32333421184d8b6.exe_656_rwx_01103000_00005000:

4#

4#

$!=820%4

$!=820%4

FVAEPYKD.pdb

FVAEPYKD.pdb

NtDelayExecution

NtDelayExecution

.text

.text

KERNEL32.dll

KERNEL32.dll

USER32.dll

USER32.dll

RegOpenKeyExW

RegOpenKeyExW

RegCloseKey

RegCloseKey

ADVAPI32.dll

ADVAPI32.dll

SHDeleteKeyW

SHDeleteKeyW

SHLWAPI.dll

SHLWAPI.dll

CreateNamedPipeW

CreateNamedPipeW

GetWindowsDirectoryW

GetWindowsDirectoryW

GetProcessHeap

GetProcessHeap

GetCPInfo

GetCPInfo

%Program Files%\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

%Program Files%\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

wajam.dll

wajam.dll

ntdll.dll

ntdll.dll

kernel32.dll

kernel32.dll

\\.\pipe\

\\.\pipe\

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

61fda4ee77910796d32333421184d8b6.exe_2552:

.text

.text

`.rdata

`.rdata

.xdata

.xdata

@.rsrc

@.rsrc

@.reloc

@.reloc

zcÁ

zcÁ

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

function not supported

function not supported

operation canceled

operation canceled

address_family_not_supported

address_family_not_supported

operation_in_progress

operation_in_progress

operation_not_supported

operation_not_supported

protocol_not_supported

protocol_not_supported

operation_would_block

operation_would_block

address family not supported

address family not supported

broken pipe

broken pipe

inappropriate io control operation

inappropriate io control operation

not supported

not supported

operation in progress

operation in progress

operation not permitted

operation not permitted

operation not supported

operation not supported

operation would block

operation would block

protocol not supported

protocol not supported

Operation not permitted

Operation not permitted

Inappropriate I/O control operation

Inappropriate I/O control operation

Broken pipe

Broken pipe

operator

operator

GetProcessWindowStation

GetProcessWindowStation

4#

4#

$!=820%4

$!=820%4

FVAEPYKD.pdb

FVAEPYKD.pdb

NtDelayExecution

NtDelayExecution

KERNEL32.dll

KERNEL32.dll

USER32.dll

USER32.dll

RegOpenKeyExW

RegOpenKeyExW

RegCloseKey

RegCloseKey

ADVAPI32.dll

ADVAPI32.dll

SHDeleteKeyW

SHDeleteKeyW

SHLWAPI.dll

SHLWAPI.dll

CreateNamedPipeW

CreateNamedPipeW

GetWindowsDirectoryW

GetWindowsDirectoryW

GetProcessHeap

GetProcessHeap

GetCPInfo

GetCPInfo

RegOpenKeyW

RegOpenKeyW

RegCreateKeyW

RegCreateKeyW

ole32.dll

ole32.dll

405;6{6(8

405;6{6(8

1a2%4s4

1a2%4s4

: :$:(:,:0:4:8:

: :$:(:,:0:4:8:

;";=;`;{;

;";=;`;{;

4989

4989

1 1(10181@1

1 1(10181@1

ADVAPI32.DLL

ADVAPI32.DLL

- floating point support not loaded

- floating point support not loaded

- CRT not initialized

- CRT not initialized

- Attempt to initialize the CRT more than once.

- Attempt to initialize the CRT more than once.

USER32.DLL

USER32.DLL

ntdll.dll

ntdll.dll

kernel32.dll

kernel32.dll

mscoree.dll

mscoree.dll

c:\program files\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

c:\program files\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

wajam.dll

wajam.dll

\\.\pipe\

\\.\pipe\

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

9.75.1.48

9.75.1.48

61fda4ee77910796d32333421184d8b6.exe_2552_rwx_010EA000_00002000:

zcÁ

zcÁ

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

.?AV?$_Ref_count_del@PAUHKEY__@@V@@@std@@

61fda4ee77910796d32333421184d8b6.exe_2552_rwx_01103000_00005000:

4#

4#

$!=820%4

$!=820%4

FVAEPYKD.pdb

FVAEPYKD.pdb

NtDelayExecution

NtDelayExecution

.text

.text

KERNEL32.dll

KERNEL32.dll

USER32.dll

USER32.dll

RegOpenKeyExW

RegOpenKeyExW

RegCloseKey

RegCloseKey

ADVAPI32.dll

ADVAPI32.dll

SHDeleteKeyW

SHDeleteKeyW

SHLWAPI.dll

SHLWAPI.dll

CreateNamedPipeW

CreateNamedPipeW

GetWindowsDirectoryW

GetWindowsDirectoryW

GetProcessHeap

GetProcessHeap

GetCPInfo

GetCPInfo

c:\program files\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

c:\program files\be105bbb97d93cef6c0d6cf170a32291\61fda4ee77910796d32333421184d8b6.exe

wajam.dll

wajam.dll

ntdll.dll

ntdll.dll

kernel32.dll

kernel32.dll

\\.\pipe\

\\.\pipe\

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

\BaseNamedObjects\_MMapEvent_0x%x_0x%x

61fda4ee77910796d32333421184d8b6.exe_2552_rwx_6C1A1000_00001000:

VERSION.dll

VERSION.dll

iexplore.exe_1304:

.text

.text

`.data

`.data

.rsrc

.rsrc

@.reloc

@.reloc

v9.uj

v9.uj

>.uzf

>.uzf

.us;}

.us;}

IEFRAME.dll

IEFRAME.dll

MLANG.dll

MLANG.dll

iertutil.dll

iertutil.dll

urlmon.dll

urlmon.dll

ole32.dll

ole32.dll

SHELL32.dll

SHELL32.dll

SHLWAPI.dll

SHLWAPI.dll

msvcrt.dll

msvcrt.dll

USER32.dll

USER32.dll

KERNEL32.dll

KERNEL32.dll

ADVAPI32.dll

ADVAPI32.dll

RegOpenKeyExW

RegOpenKeyExW

RegCloseKey

RegCloseKey

GetWindowsDirectoryW

GetWindowsDirectoryW

_amsg_exit

_amsg_exit

_wcmdln

_wcmdln

UrlApplySchemeW

UrlApplySchemeW

PathIsURLW

PathIsURLW

UrlCanonicalizeW

UrlCanonicalizeW

UrlCreateFromPathW

UrlCreateFromPathW

iexplore.pdb

iexplore.pdb

KEYW

KEYW

KEYWh

KEYWh

KEYWD

KEYWD

.ENNNG.

.ENNNG.

a.ry.v

a.ry.v

l.igM4

l.igM4

?1%SGf

?1%SGf

xh.JW^

xh.JW^

.97777"7" " " !

.97777"7" " " !

3.... ))

3.... ))

8888888888888

8888888888888

8888888888

8888888888

.lPV)

.lPV)

úW1

úW1

.ApX/

.ApX/

H.ZAf

H.ZAf

ð[U

ð[U

%s!FK

%s!FK

1YYYY1YY9GEAA=77YRNNNW:.VT1

1YYYY1YY9GEAA=77YRNNNW:.VT1

888777777

888777777

Y.hilkRROMLK=C,

Y.hilkRROMLK=C,

..(((($$

..(((($$

3...((((%

3...((((%

3....(.''$

3....(.''$

3.2...((((%

3.2...((((%

33.2....(,'

33.2....(,'

55323222...

55323222...

(%&'00443445?

(%&'00443445?

00.,,,4(

00.,,,4(

000.,,9(

000.,,9(

0020..9(

0020..9(

003200;(

003200;(

(#'( (''''!'!

(#'( (''''!'!

Microsoft.InternetExplorer.Default

Microsoft.InternetExplorer.Default

user32.dll

user32.dll

Kernel32.DLL

Kernel32.DLL

xfire.exe

xfire.exe

wlmail.exe

wlmail.exe

winamp.exe

winamp.exe

waol.exe

waol.exe

sidebar.exe

sidebar.exe

psocdesigner.exe

psocdesigner.exe

np.exe

np.exe

netscape.exe

netscape.exe

netcaptor.exe

netcaptor.exe

neoplanet.exe

neoplanet.exe

msn.exe

msn.exe

mshtmpad.exe

mshtmpad.exe

mshta.exe

mshta.exe

loader42.exe

loader42.exe

infopath.exe

infopath.exe

iexplore.exe

iexplore.exe

iepreview.exe

iepreview.exe

groove.exe

groove.exe

explorer.exe

explorer.exe

dreamweaver.exe

dreamweaver.exe

contribute.exe

contribute.exe

aol.exe

aol.exe

{28fb17e0-d393-439d-9a21-9474a070473a}

{28fb17e0-d393-439d-9a21-9474a070473a}

Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

DShell32.dll

DShell32.dll

Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe

Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe

Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}

Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}

"%s" %s

"%s" %s

Kernel32.dll

Kernel32.dll

\AppPatch\sysmain.sdb

\AppPatch\sysmain.sdb

-extoff go.microsoft.com/fwlink/?LinkId=106323

-extoff go.microsoft.com/fwlink/?LinkId=106323

-extoff go.microsoft.com/fwlink/?LinkId=106322

-extoff go.microsoft.com/fwlink/?LinkId=106322

-extoff go.microsoft.com/fwlink/?LinkId=106320

-extoff go.microsoft.com/fwlink/?LinkId=106320

kernel32.dll

kernel32.dll

{00000000-0000-0000-0000-000000000000}

{00000000-0000-0000-0000-000000000000}

\\?\Volume

\\?\Volume

shell:%s

shell:%s

Imaging_CreateWebPagePreview_Perftrack

Imaging_CreateWebPagePreview_Perftrack

Browseui_Tabs_Tearoff_BetweenWindows

Browseui_Tabs_Tearoff_BetweenWindows

Frame_URLEntered

Frame_URLEntered

Imaging_CreateWebPagePreview

Imaging_CreateWebPagePreview

WS_ExecuteQuery

WS_ExecuteQuery

Shdocvw_BaseBrowser_FireEvent_WindowStateChanged

Shdocvw_BaseBrowser_FireEvent_WindowStateChanged

IdleTask_Execution_Time

IdleTask_Execution_Time

9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

IEXPLORE.EXE

IEXPLORE.EXE

Windows

Windows

9.00.8112.16421

9.00.8112.16421

iexplore.exe_1412:

.text

.text

`.data

`.data

.rsrc

.rsrc

@.reloc

@.reloc

v9.uj

v9.uj

>.uzf

>.uzf

.us;}

.us;}

IEFRAME.dll

IEFRAME.dll

MLANG.dll

MLANG.dll

iertutil.dll

iertutil.dll

urlmon.dll

urlmon.dll

ole32.dll

ole32.dll

SHELL32.dll

SHELL32.dll

SHLWAPI.dll

SHLWAPI.dll

msvcrt.dll

msvcrt.dll

USER32.dll

USER32.dll

KERNEL32.dll

KERNEL32.dll

ADVAPI32.dll

ADVAPI32.dll

RegOpenKeyExW

RegOpenKeyExW

RegCloseKey

RegCloseKey

GetWindowsDirectoryW

GetWindowsDirectoryW

_amsg_exit

_amsg_exit

_wcmdln

_wcmdln

UrlApplySchemeW

UrlApplySchemeW

PathIsURLW

PathIsURLW

UrlCanonicalizeW

UrlCanonicalizeW

UrlCreateFromPathW

UrlCreateFromPathW

iexplore.pdb

iexplore.pdb

KEYW

KEYW

KEYWh

KEYWh

KEYWD

KEYWD

.ENNNG.

.ENNNG.

a.ry.v

a.ry.v

l.igM4

l.igM4

?1%SGf

?1%SGf

xh.JW^

xh.JW^

.97777"7" " " !

.97777"7" " " !

3.... ))

3.... ))

8888888888888

8888888888888

8888888888

8888888888

.lPV)

.lPV)

úW1

úW1

.ApX/

.ApX/

H.ZAf

H.ZAf

ð[U

ð[U

%s!FK

%s!FK

1YYYY1YY9GEAA=77YRNNNW:.VT1

1YYYY1YY9GEAA=77YRNNNW:.VT1

888777777

888777777

Y.hilkRROMLK=C,

Y.hilkRROMLK=C,

..(((($$

..(((($$

3...((((%

3...((((%

3....(.''$

3....(.''$

3.2...((((%

3.2...((((%

33.2....(,'

33.2....(,'

55323222...

55323222...

(%&'00443445?

(%&'00443445?

00.,,,4(

00.,,,4(

000.,,9(

000.,,9(

0020..9(

0020..9(

003200;(

003200;(

(#'( (''''!'!

(#'( (''''!'!

Microsoft.InternetExplorer.Default

Microsoft.InternetExplorer.Default

user32.dll

user32.dll

Kernel32.DLL

Kernel32.DLL

xfire.exe

xfire.exe

wlmail.exe

wlmail.exe

winamp.exe

winamp.exe

waol.exe

waol.exe

sidebar.exe

sidebar.exe

psocdesigner.exe

psocdesigner.exe

np.exe

np.exe

netscape.exe

netscape.exe

netcaptor.exe

netcaptor.exe

neoplanet.exe

neoplanet.exe

msn.exe

msn.exe

mshtmpad.exe

mshtmpad.exe

mshta.exe

mshta.exe

loader42.exe

loader42.exe

infopath.exe

infopath.exe

iexplore.exe

iexplore.exe

iepreview.exe

iepreview.exe

groove.exe

groove.exe

explorer.exe

explorer.exe

dreamweaver.exe

dreamweaver.exe

contribute.exe

contribute.exe

aol.exe

aol.exe

{28fb17e0-d393-439d-9a21-9474a070473a}

{28fb17e0-d393-439d-9a21-9474a070473a}

Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

DShell32.dll

DShell32.dll

Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe

Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe

Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}

Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}

"%s" %s

"%s" %s

Kernel32.dll

Kernel32.dll

\AppPatch\sysmain.sdb

\AppPatch\sysmain.sdb

-extoff go.microsoft.com/fwlink/?LinkId=106323

-extoff go.microsoft.com/fwlink/?LinkId=106323

-extoff go.microsoft.com/fwlink/?LinkId=106322

-extoff go.microsoft.com/fwlink/?LinkId=106322

-extoff go.microsoft.com/fwlink/?LinkId=106320

-extoff go.microsoft.com/fwlink/?LinkId=106320

kernel32.dll

kernel32.dll

{00000000-0000-0000-0000-000000000000}

{00000000-0000-0000-0000-000000000000}

\\?\Volume

\\?\Volume

shell:%s

shell:%s

Imaging_CreateWebPagePreview_Perftrack

Imaging_CreateWebPagePreview_Perftrack

Browseui_Tabs_Tearoff_BetweenWindows

Browseui_Tabs_Tearoff_BetweenWindows

Frame_URLEntered

Frame_URLEntered

Imaging_CreateWebPagePreview

Imaging_CreateWebPagePreview

WS_ExecuteQuery

WS_ExecuteQuery

Shdocvw_BaseBrowser_FireEvent_WindowStateChanged

Shdocvw_BaseBrowser_FireEvent_WindowStateChanged

IdleTask_Execution_Time

IdleTask_Execution_Time

9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

IEXPLORE.EXE

IEXPLORE.EXE

Windows

Windows

9.00.8112.16421

9.00.8112.16421