Overview

URLpaingonewild.com/aiommo.com/Payment_slip.pdf.exe
IP50.63.202.41
ASNAS26496 GoDaddy.com, LLC
Location United States
Report completed2017-05-20 03:58:20 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Referer
Pool
Access Levelpublic


Intrusion Detection Systems

Snort /w Sourcefire VRT No alerts detected
Suricata /w Emerging Threats Pro No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified Severity Host Comment
2017-05-202paingonewild.com/NbZXZ/aiommo.com/Payment_slip.pdf.exeMalware
2017-05-202paingonewild.com/img.aspx?q=L3MkWGAkZmD1ZGHlZmD5Zwx2AwHkZGLkAvHlAzpyZ3R1AQNkWGV2MFHmpJAhqzS0LzSlnaM5Malware
2017-05-202paingonewild.com/aiommo.com/Payment_slip.pdf.exeMalware
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 50.63.202.41

Date UQ / IDS / BL URL IP
2017-05-25 08:56:090 - 0 - 5paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 07:59:420 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 06:58:200 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 05:56:460 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 05:01:380 - 0 - 2samdoles.com/tag/riverside/50.63.202.41
2017-05-25 04:56:490 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41

Last 6 reports on ASN: AS26496 GoDaddy.com, LLC

Date UQ / IDS / BL URL IP
2017-05-25 09:01:180 - 0 - 3www.jagodibuja.com/50.62.173.69
2017-05-25 08:57:080 - 0 - 1film-streaming.in/the-matrix-revolutions-2003160.153.137.15
2017-05-25 08:56:090 - 0 - 5paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 08:55:590 - 0 - 2desdeazuero.com/wp-includes/widgets/6064184.168.221.54
2017-05-25 08:53:290 - 0 - 3www.bostonhitech.com/sdownload/bsb10000.exe184.168.221.96
2017-05-25 08:52:030 - 0 - 0www.binaryforexacademy.com/place-doubles-review/107.180.25.42

Last 6 reports on domain: paingonewild.com

Date UQ / IDS / BL URL IP
2017-05-25 08:56:090 - 0 - 5paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 07:59:420 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 06:58:200 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 05:56:460 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 04:56:490 - 0 - 4paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41
2017-05-25 04:00:420 - 0 - 5paingonewild.com/aiommo.com/Payment_slip.pdf.exe50.63.202.41



JavaScript

Executed Scripts (18)


Executed Evals (1)

#1 JavaScript::Eval (size: 3161, repeated: 1)

({
    "name": "master-1",
    "slave-0-1": {
        "clicktrackUrl": "https://cpclicktracking.com/caf.aspx/?domain=paingonewild.com&e=Wzp9AGRjZFMxCFMwCGNznG0zMG0zow0zL3x9ZFMwqaR9YGZlBGt4ZQD1Zmp3AmVlAwVkZwNzMJp9ZwNkAmN1ZGxkBQH3ZGNzqTp9ZFM4CFMzM3N9ZPMhrw0lWzMjCGHznT5aCGRzqTL9AvMjpQ1uLvMkMG1hMv1kMKMkYJWvYGR4BQH3ZGDkBQL1AQN4BGD=-1",
        "container": "adTest",
        "linkTarget": "_blank",
        "verticalSpacing": 2,
        "lines": 2,
        "colorTitleLink": "#0000FF",
        "colorDomainLink": "#006600",
        "colorAttribution": "#000000",
        "fontFamilyAttribution": "arial",
        "fontSizeTitle": "16px",
        "fontSizeDescription": "12px",
        "fontSizeDomainLink": "12px",
        "fontSizeAttribution": "14px",
        "fontSizeLocation": 13,
        "titleBold": 1,
        "adIconPageLocation": "ad-left",
        "adIconLocation": "ad-left",
        "resultsPageBaseUrl": "http://paingonewild.com?src=1&reqp=1",
        "type": "ads",
        "hl": "en-US",
        "columns": 1,
        "horizontalAlignment": "left",
        "resultsPageQueryParam": "query",
        "searchBoxMethod": "get",
        "attributionBold": true,
        "uiOptimize": false,
        "colorCtaBackground": "#9c9c9c",
        "colorCtaBackgroundActive": "#b7b7b7",
        "colorCtaArrow": "#e0e0e0"
    },
    "slave-1-1": {
        "clicktrackUrl": "https://cpclicktracking.com/caf.aspx/?domain=paingonewild.com&e=Wzp9AGRjZFMxCFMwCGNznG0zMG0zow0zL3x9ZFMwqaR9YGZlBGt4ZQD1Zmp3AmVlAwVkZwNzMJp9ZwNkAmN1ZGxkBQH3ZGNzqTp9ZFM4CFMzM3N9ZPMhrw0lWzMjCGHznT5aCGRzqTL9AvMjpQ1uLvMkMG1hMv1kMKMkYJWvYGR4BQH3ZGDkBQL1AQN4BGD=-1",
        "container": "searchbox",
        "linkTarget": "_blank",
        "lines": 3,
        "colorBackground": "transparent",
        "colorAttribution": "#000000",
        "fontFamilyAttribution": "arial",
        "fontSizeTitle": "16px",
        "fontSizeDescription": "12px",
        "fontSizeDomainLink": "12px",
        "fontSizeAttribution": "14px",
        "fontSizeLocation": 13,
        "adIconPageLocation": "ad-left",
        "adIconLocation": "ad-left",
        "resultsPageBaseUrl": "http://paingonewild.com?src=1&reqp=1",
        "type": "searchbox",
        "hl": "en-US",
        "columns": 1,
        "horizontalAlignment": "left",
        "resultsPageQueryParam": "query",
        "hideSearchInputBorder": true,
        "hideSearchButtonBorder": true,
        "colorSearchButton": "transparent",
        "colorSearchButtonText": "transparent",
        "widthSearchInput": 290,
        "widthSearchButton": 147,
        "fontSizeSearchButton": 22,
        "searchBoxMethod": "get",
        "attributionBold": true,
        "uiOptimize": false,
        "colorCtaBackground": "#9c9c9c",
        "colorCtaBackgroundActive": "#b7b7b7",
        "colorCtaArrow": "#e0e0e0"
    },
    "master-1": {
        "clicktrackUrl": "https://cpclicktracking.com/caf.aspx/?domain=paingonewild.com&e=Wzp9AGRjZFMxCFMwCGNznG0zMG0zow0zL3x9ZFMwqaR9YGZlBGt4ZQD1Zmp3AmVlAwVkZwNzMJp9ZwNkAmN1ZGxkBQH3ZGNzqTp9ZFM4CFMzM3N9ZPMhrw0lWzMjCGHznT5aCGRzqTL9AvMjpQ1uLvMkMG1hMv1kMKMkYJWvYGR4BQH3ZGDkBQL1AQN4BGD=-1",
        "linkTarget": "_blank",
        "verticalSpacing": 2,
        "lines": 2,
        "colorTitleLink": "#0000FF",
        "colorDomainLink": "#006600",
        "colorAttribution": "#000000",
        "fontFamilyAttribution": "arial",
        "fontSizeTitle": "16px",
        "fontSizeDescription": "12px",
        "fontSizeDomainLink": "12px",
        "fontSizeAttribution": "14px",
        "fontSizeLocation": 13,
        "titleBold": 1,
        "adIconPageLocation": "ad-left",
        "adIconLocation": "ad-left",
        "resultsPageBaseUrl": "http://paingonewild.com?src=1&reqp=1",
        "type": "ads",
        "hl": "en-US",
        "columns": 1,
        "horizontalAlignment": "left",
        "resultsPageQueryParam": "query",
        "searchBoxMethod": "get",
        "attributionBold": true,
        "uiOptimize": false,
        "colorCtaBackground": "#9c9c9c",
        "colorCtaBackgroundActive": "#b7b7b7",
        "colorCtaArrow": "#e0e0e0"
    }
})

Executed Writes (0)



HTTP Transactions (35)


Request Response
GET /NbZXZ/aiommo.com/Payment_slip.pdf.exe HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 50.63.202.41
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:09 GMT
Content-Length: 338
Age: 0
Connection: keep-alive
GET /park/L252LKEvLKWdqaykYaOvrt== HTTP/1.1

Host: mcc.godaddy.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/NbZXZ/aiommo.com/Payment_slip.pdf.exe
 184.168.131.213
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Set-Cookie: market=en-US; domain=godaddy.com; expires=Sun, 20-May-2018 01:57:10 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:09 GMT
Connection: close
Content-Length: 201
GET /favicon.ico HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 50.63.202.41
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:10 GMT
Content-Length: 103
Age: 0
Connection: keep-alive
GET /?reqp=1&reqr= HTTP/1.1

Host: paingonewild.com
GET /?reqp=1&reqr= HTTP/1.1

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==
 50.63.202.41
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:52:55 GMT
Content-Length: 8168
Age: 255
Connection: keep-alive
GET /script/jquery-1.3.1.min.js HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Thu, 05 Jan 2012 22:46:08 GMT
Accept-Ranges: bytes
Etag: "1f269ad0fbcbcc1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 24336
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /images/new_logo_gd3.jpg HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Thu, 24 Oct 2013 20:42:28 GMT
Accept-Ranges: bytes
Etag: "012848df9d0ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 5787
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /images/soc_1.jpg HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 06 Nov 2012 22:10:16 GMT
Accept-Ranges: bytes
Etag: "01415806bbccd1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 3278
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /images/or2.png HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 26 Sep 2012 21:03:06 GMT
Accept-Ranges: bytes
Etag: "02114532a9ccd1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 987
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /adsense/domains/caf.js HTTP/1.1

Host: www.google.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 108.177.14.106
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Sat, 20 May 2017 01:57:11 GMT
Expires: Sat, 20 May 2017 01:57:11 GMT
Cache-Control: private, max-age=3600
Etag: "4448816946785631783"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 1; mode=block
GET /images/bul_blacksquare.png HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 25 Jul 2008 21:49:00 GMT
Accept-Ranges: bytes
Etag: "02ec3fa0eec81:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 126
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /domainads/tracking/caf.gif?ts=1495245431806&rid=1176807 HTTP/1.1

Host: www.gstatic.com
GET /domainads/tracking/caf.gif?ts=1495245431806&rid=1176807 HTTP/1.1

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 172.217.22.163
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 43
Date: Sat, 20 May 2017 01:57:11 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
GET /images/GDPPC_CAF_Search3.png HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 26 Sep 2013 15:28:45 GMT
Accept-Ranges: bytes
Etag: "1b67ff16cdbace1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 2296
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /images/v4Slice.png HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 08 Feb 2013 21:42:04 GMT
Accept-Ranges: bytes
Etag: "0de6622456ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 26030
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /images/99_prk_pg_background.jpg HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 28 Jan 2015 02:31:10 GMT
Accept-Ranges: bytes
Etag: "0eb47aa23ad01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 10017
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
GET /async_survey?site=kv4ic6olrzkr6 HTTP/1.1

Host: survey.g.doubleclick.net

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 172.217.22.177
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, max-age=300
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
P3p: policyref="http://survey.g.doubleclick.net/static/p3p_full_policy.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Date: Sat, 20 May 2017 01:57:11 GMT
Transfer-Encoding: chunked
Expires: Sat, 20 May 2017 01:57:11 GMT
Set-Cookie: PAIDCONTENT=r1qq0ftxw3lq33m91mhh; Path=/; Domain=survey.g.doubleclick.net; Expires=Mon, 19 Jun 2017 01:57:11 GMT
GET /apps/domainpark/domainpark.cgi?r=m&fexp=2631602%2C21404&domain_name=paingonewild.com&client=dp-godaddy1_xml&channel=gd-split2&hl=en-US&type=0&drid=as-drid-oo-1885714186540894&uiopt=false&oe=UTF-8&ie=UTF-8&format=p10%7Cs&ad=a10&adrep=3&num=0&output=caf&v=3&preload=true&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1495245431822&u_w=1176&u_h=885&biw=1176&bih=775&psw=1176&psh=0&frm=0&uio=uv3cs1sa14fa2st16sd12sv12sl1sr1-af2-&jsv=44488&rurl=http%3A%2F%2Fpaingonewild.com%2F%3Freqp%3D1%26reqr%3D&ref=http%3A%2F%2Fmcc.godaddy.com%2Fpark%2FL252LKEvLKWdqaykYaOvrt%3D%3D HTTP/1.1

Host: dp.g.doubleclick.net
GET /apps/domainpark/domainpark.cgi?r=m&fexp=2631602%2C21404&domain_name=paingonewild.com&client=dp-godaddy1_xml&channel=gd-split2&hl=en-US&type=0&drid=as-drid-oo-1885714186540894&uiopt=false&oe=UTF-8&ie=UTF-8&format=p10%7Cs&ad=a10&adrep=3&num=0&output=caf&v=3&preload=true&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1495245431822&u_w=1176&u_h=885&biw=1176&bih=775&psw=1176&psh=0&frm=0&uio=uv3cs1sa14fa2st16sd12sv12sl1sr1-af2-&jsv=44488&rurl=http%3A%2F%2Fpaingonewild.com%2F%3Freqp%3D1%26reqr%3D&ref=http%3A%2F%2Fmcc.godaddy.com%2Fpark%2FL252LKEvLKWdqaykYaOvrt%3D%3D HTTP/1.1

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3p: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 20 May 2017 01:57:11 GMT
Server: domainserver
Cache-Control: private
Content-Length: 626
X-XSS-Protection: 1; mode=block
GET /static/caf/slave.html HTTP/1.1

Host: dp.g.doubleclick.net

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 712
Date: Sat, 20 May 2017 01:16:23 GMT
Expires: Sat, 20 May 2017 02:16:23 GMT
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 2448
Cache-Control: public, max-age=3600
GET /ux/fonts/1.0/woff/w8.woff HTTP/1.1

Host: img1.wsimg.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
Origin: http://paingonewild.com
 2.23.155.157
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Last-Modified: Fri, 12 Sep 2014 18:21:22 GMT
Accept-Ranges: bytes
Etag: "03dd05ab6cecf1:0"
Content-Length: 112392
Cache-Control: max-age=31536000
Expires: Sun, 20 May 2018 01:57:11 GMT
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
GET /insights/consumersurveys/static/401371046411949947/prompt_embed_static.js HTTP/1.1

Host: survey.g.doubleclick.net

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
Cookie: PAIDCONTENT=r1qq0ftxw3lq33m91mhh
 172.217.22.177
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 19 May 2017 20:40:04 GMT
Expires: Sun, 18 Jun 2017 20:40:04 GMT
Etag: "TXcEkw"
X-Cloud-Trace-Context: ff4a87eff3cac2272f0da5c3e9913f12
Content-Encoding: gzip
Server: Google Frontend
Content-Length: 108645
Cache-Control: public, max-age=2592000
Age: 19028
GET /gk/prompt?t=a&site=kv4ic6olrzkr6&random=1495245432038&ref=http%3A%2F%2Fmcc.godaddy.com%2Fpark%2FL252LKEvLKWdqaykYaOvrt%3D%3D HTTP/1.1

Host: survey.g.doubleclick.net
GET /gk/prompt?t=a&site=kv4ic6olrzkr6&random=1495245432038&ref=http%3A%2F%2Fmcc.godaddy.com%2Fpark%2FL252LKEvLKWdqaykYaOvrt%3D%3D HTTP/1.1

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
Cookie: PAIDCONTENT=r1qq0ftxw3lq33m91mhh
 172.217.22.177
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Why: Publisher down sampling.
X-XSS-Protection: 1; mode=block
Date: Sat, 20 May 2017 01:57:12 GMT
Content-Length: 23
GET /ux/fonts/1.0/woff/w4.woff HTTP/1.1

Host: img1.wsimg.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
Origin: http://paingonewild.com
 2.23.155.157
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Last-Modified: Fri, 12 Sep 2014 18:21:22 GMT
Accept-Ranges: bytes
Etag: "03dd05ab6cecf1:0"
Content-Length: 118156
Cache-Control: max-age=31536000
Expires: Sun, 20 May 2018 01:57:11 GMT
Date: Sat, 20 May 2017 01:57:11 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
GET /?hg=0&nr=0 HTTP/1.1

Host: paingonewild.com
GET /?hg=0&nr=0 HTTP/1.1

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?reqp=1&reqr=
 50.63.202.41
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:12 GMT
Content-Length: 347
Age: 0
Connection: keep-alive
GET /park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0 HTTP/1.1

Host: mcc.godaddy.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://paingonewild.com/?hg=0&nr=0
Cookie: market=en-US
 184.168.131.213
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Set-Cookie: currency=NOK; domain=godaddy.com; expires=Sun, 20-May-2018 01:57:13 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:12 GMT
Connection: close
Content-Length: 3231
GET /css/modalstyles20130117.css HTTP/1.1

Host: ak3.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 17 Jan 2013 17:31:19 GMT
Accept-Ranges: bytes
Etag: "e6fdea75d8f4cd1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 3446
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:13 GMT
Connection: keep-alive
GET /images/new_logo_GDTrans.png HTTP/1.1

Host: ak3.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 20 Mar 2017 18:01:40 GMT
Accept-Ranges: bytes
Etag: "a6e3766a4a1d21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 3805
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:13 GMT
Connection: keep-alive
GET /script/jquery-1.3.1.min.js HTTP/1.1

Host: ak3.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Thu, 05 Jan 2012 22:46:08 GMT
Accept-Ranges: bytes
Etag: "1f269ad0fbcbcc1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 24336
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:13 GMT
Connection: keep-alive
GET /images/247Support.jpg HTTP/1.1

Host: ak3.imgaft.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 26 Jul 2013 15:11:14 GMT
Accept-Ranges: bytes
Etag: "9620d45e128ace1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 21548
Cache-Control: max-age=3888000
Date: Sat, 20 May 2017 01:57:13 GMT
Connection: keep-alive
GET /favicon.ico HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 50.63.202.41
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:12 GMT
Content-Length: 103
Age: 1
Connection: keep-alive
GET /park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0 HTTP/1.1

Host: mcc.godaddy.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0
Cookie: market=en-US; currency=NOK
 184.168.131.213
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:13 GMT
Connection: close
Content-Length: 3235
GET /img.aspx?q=L3MkWGAkZmD1ZGHlZmD5Zwx2AwHkZGLkAvHlAzpyZ3R1AQNkWGV2MFHmpJAhqzS0LzSlnaM5pF5jLabyZwMhWGAkZPHlAzZyZ3RjWGV2MJLyZ3RjWGV2MvHmpFHlAzIaWGAkZwNkAmN1ZGxkBQH3ZGZyZwMwrFHmpGRyZwM0MlHmpGRyZwM4WGAkWGV2oabyZ3RlWGV2MaNyZ3R1WGV2nT5aWGAkZFHlAaOjWGAkLJVyZwMzM3NyZ3Rj-1 HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==/fe/L252LKEvLKWdqaykYaOvrt==?hg=0
 50.63.202.41
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:13 GMT
Age: 1
Transfer-Encoding: chunked
Connection: keep-alive
GET /favicon.ico HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 50.63.202.41
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 20 May 2017 01:57:13 GMT
Content-Length: 136
Age: 1
Connection: keep-alive
GET /aiommo.com/Payment_slip.pdf.exe HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 50.63.202.41
HTTP/1.1 302 Found
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Location: /NbZXZ/aiommo.com/Payment_slip.pdf.exe
GET /?reqp=1&reqr= HTTP/1.1

Host: paingonewild.com
GET /?reqp=1&reqr= HTTP/1.1

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mcc.godaddy.com/park/L252LKEvLKWdqaykYaOvrt==
 50.63.202.41
HTTP/1.1 302 Found
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Location: /?reqp=1&reqr=
GET /favicon.ico HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 

GET /favicon.ico HTTP/1.1

Host: paingonewild.com

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 50.63.202.41
HTTP/1.1 302 Found
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Location: /favicon.ico