Overview

URL: www.readyoursystemforcontentsgreat.win/?pcl=qxfxwgrwjrypkmbcekhz9pesrdyy4ti479t9kz65ryk.
IP: 54.89.93.105
ASN: AS14618 Amazon.com, Inc.
Location: United States
Report completed: 2018-07-02 00:54:36 CEST
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-07-02 2 www.readyoursystemforcontentsgreat.win/?pcl=qxfxwgrwjrypkmbcekhz9pesrdyy4ti (...) Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 54.89.93.105

Date  UQ / IDS / BL  URL  IP
2018-08-18 20:22:14 +0200  0 - 0 - 1  www.extensionrandomsystemupgrade4contestpropo (...)  54.89.93.105
2018-07-05 20:19:06 +0200  0 - 0 - 1  www.previewyounewlisteditems4free4listening.trade/  54.89.93.105
2018-07-03 06:32:25 +0200  0 - 0 - 1  www.addbrandnewsystemfornewrequest.review/bl. (...)  54.89.93.105
2018-07-03 04:58:44 +0200  0 - 0 - 1  www.addbrandnewsystemfornewrequest.review/bl. (...)  54.89.93.105
2018-07-02 10:47:22 +0200  0 - 0 - 0  www.thegoodonesystemforcontentgreat.win  54.89.93.105
2018-07-02 00:55:49 +0200  0 - 0 - 1  www.readyoursystemforcontentsgreat.win/?pcl=q (...)  54.89.93.105
2018-07-02 00:06:17 +0200  0 - 0 - 1  www.autoclickonnewcontentblogoffersplaypause. (...)  54.89.93.105
2018-06-30 22:03:03 +0200  0 - 0 - 1  www.addmorevolume2yourpromotioncontest.win/  54.89.93.105
2018-06-29 20:36:02 +0200  0 - 0 - 0  hxxp://www.forgetthepathtradebidoptimized4fre (...)  54.89.93.105
2018-06-29 04:44:42 +0200  0 - 1 - 2  www.promotiontradebidoptimized4freecolorup.re (...)  54.89.93.105

Last 10 reports on ASN: AS14618 Amazon.com, Inc.

Date  UQ / IDS / BL  URL  IP
2019-01-19 18:47:01 +0100  0 - 0 - 1  hotelcerrado.com/.dropbox/dpbx/phone.html  23.20.239.12
2019-01-19 18:31:16 +0100  0 - 0 - 0  https://www.tuenti.ec/  50.17.5.240
2019-01-19 18:29:22 +0100  0 - 0 - 2  customaquariumscr.com/WormsScr/WormsScr.exe  52.0.217.44
2019-01-19 17:42:58 +0100  0 - 0 - 0  https://site.findly.com/wp-signup.php?new=dy3 (...)  107.23.160.170
2019-01-19 15:36:39 +0100  0 - 0 - 2  abercrombie.net.co/css/web/html/logs/shit.exe  52.0.217.44
2019-01-19 15:31:31 +0100  0 - 3 - 1  reach.cp-back.biz/dl/installcapital-voicesear (...)  54.88.21.193
2019-01-19 13:44:33 +0100  0 - 0 - 2  ecran-de-veille.org/setup-seoul-ev-scr.exe  52.0.217.44
2019-01-19 13:44:32 +0100  0 - 0 - 2  ecran-de-veille.org/setup-tokyo-ev-scr.exe  52.0.217.44
2019-01-19 13:44:20 +0100  0 - 0 - 2  ecran-de-veille.org/setup-hong-kong-ev-scr.exe  52.0.217.44
2019-01-19 13:42:23 +0100  0 - 0 - 6  systemupd.com/lok/wan/ufo/vgi.exe  52.0.217.44

No other reports on domain: readyoursystemforcontentsgreat.win



JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (36)


Request Response
                                        
                                            GET /?pcl=qxfxwgrwjrypkmbcekhz9pesrdyy4ti479t9kz65ryk. HTTP/1.1 
Host: www.readyoursystemforcontentsgreat.win
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         54.89.93.105
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx/1.8.0
Date: Sun, 01 Jul 2018 22:54:04 GMT
Content-Length: 160
Connection: close
Location: http://www.theadgateway.com/jump/next.php?r=2045607&sub1={source_id}


--- Additional Info ---
Magic:  HTML document text
Size:   160
Md5:    e0d8c58a3c91234c31813b1691baa6c6
Sha1:   d1b7f991404e93e5a282433347955db33f153fd9
Sha256: c0296d7ef857ca2505fb0a1b76ecc741154327ff5f2302a7e9aea551c7c6e7c1

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /jump/next.php?r=2045607&sub1={source_id} HTTP/1.1 
Host: www.theadgateway.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         35.190.65.235
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Sun, 01 Jul 2018 22:54:04 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Referrer-Policy: no-referrer
Link: <//www.theadgateway.com>; rel=dns-prefetch,<//www.theadgateway.com>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1852
Md5:    b548e0e241f4d16abde301b8cd87bc69
Sha1:   9daf8c99c2f41966cebead278aaf98fd1eae3ee2
Sha256: a2c56c293c3b3e1dc9e7b2db3a8adc2031d5544cda9114466b7b347fa1e2914e
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.theadgateway.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         35.190.65.235
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: openresty
Date: Sun, 01 Jul 2018 22:54:04 GMT
Content-Length: 0
Last-Modified: Wed, 27 Dec 2017 10:12:41 GMT
Etag: "5a437219-0"
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
                                        
                                            GET /jump/next.php?stamat=m%7C%2CkN2O243PqB1dAN0dEdHP3xP.3fa%2CSG8eUBU_zviEgw5iO7KLSnROAP6nU4NTsrkcojfcd7ZkT-jFUrkSLlJagFaA0q7HFASkMnq4lV3a9yjzSZanqn00bYfVUalhhe4s7cN6KAo%2C&cbrandom=0.26309603011550065&cbtitle=&cbiframe=0&cbWidth=1176&cbHeight=754&cbdescription=&cbkeywords=&cbref= HTTP/1.1 
Host: www.theadgateway.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theadgateway.com/jump/next.php?r=2045607&sub1={source_id}

                                         
                                         35.190.65.235
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Sun, 01 Jul 2018 22:54:04 GMT
Transfer-Encoding: chunked
Location: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566
Referrer-Policy: no-referrer
Vary: Accept-Encoding
Via: 1.1 google


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Wed, 27 Jun 2018 07:49:56 GMT
Etag: 536BB06CAF1E0B483DBB76289010C04E107DF1E1
X-OCSP-Responder-ID: rmdccaocsp33
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=204410
Expires: Wed, 04 Jul 2018 07:40:54 GMT
Date: Sun, 01 Jul 2018 22:54:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c17d82ac65be03bb3e0f4a74933cdc4b
Sha1:   536bb06caf1e0b483dbb76289010c04e107df1e1
Sha256: 5651b211a19ccb7f79c0e01a06c19bff71a4ab8b37324fca615700b56caa95fd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 26 Jun 2018 01:16:20 GMT
Etag: 6FD938B0732F30647BD1CBF172CB91E217388955
X-OCSP-Responder-ID: rmdccaocsp8
Content-Length: 728
Cache-Control: public, no-transform, must-revalidate, max-age=94300
Expires: Tue, 03 Jul 2018 01:05:44 GMT
Date: Sun, 01 Jul 2018 22:54:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   728
Md5:    511e939bf4b8f52140e7873caadccbb6
Sha1:   6fd938b0732f30647bd1cbf172cb91e217388955
Sha256: d3bca680330c2328f26c24f4b449cff70b6820816572b585e1ed206dc8030228
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.11
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 26 Jun 2018 01:16:20 GMT
Etag: 7DC3F990792BA39EC52F61CF3501B846EAE66BF5
X-OCSP-Responder-ID: rmdccaocsp24
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=94369
Expires: Tue, 03 Jul 2018 01:06:53 GMT
Date: Sun, 01 Jul 2018 22:54:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7dac5f8c435b606117add4e1e2bdbede
Sha1:   7dc3f990792ba39ec52f61cf3501b846eae66bf5
Sha256: aa714e8e890a12d169aca06f03f0bffa88a240a164360a0e2a70448b37488a46
                                        
                                            GET /casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566 HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.theadgateway.com/jump/next.php?r=2045607&sub1={source_id}

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2982
Md5:    62af36df7264b1bbbbb4ceb07ca98cbf
Sha1:   3eb60aa8e2b7ac508651bd0ae68ff8b64244d193
Sha256: a7d0435099b2081f010fd9e03fae2eb4d51652aba1f5d2fcc2e7179f709b0497
                                        
                                            GET /ajax/libs/jquery/2.1.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.217.22.170
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29478
Date: Wed, 09 May 2018 15:48:48 GMT
Expires: Thu, 09 May 2019 15:48:48 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 4604717


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29478
Md5:    36acb72537386afec691bd8e7030792e
Sha1:   ee358f9c5156ccc21d298f0307cf9c9b04c4825b
Sha256: 432b937ad9494cfb9e59124ae1883c4b9b2e6bd95645b84c994d23e04b83d321
                                        
                                            GET /casumo/no/css/bootstrap.min.css HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 29 May 2018 12:33:22 GMT
Expires: Tue, 31 Jul 2018 22:54:03 GMT
Cache-Control: max-age=2592000
Pragma: public
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21000
Md5:    cf6b2c1b4fc6cf9d07e76758094d3fc3
Sha1:   c0758c72dd3fb63a0a1fa7e83ab258441a9a7cfb
Sha256: 29c5cf03506c2a9bb78af1656e0089fb470d01d9b85a208d50fee355c9c50a54
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 01 Jul 2018 22:54:05 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    2324c099bb07e9af4e588c97bcc0f109
Sha1:   7922c67a8175f0542431418f62d09a9b3cdecb27
Sha256: 740f23477b1428d3582d76df1fe60283171855257e5b5864e64be91b7dcad743
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 01 Jul 2018 22:54:05 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /casumo/no/js/jquery.min.js HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 29 May 2018 12:35:49 GMT
Expires: Tue, 31 Jul 2018 22:54:03 GMT
Cache-Control: max-age=2592000
Pragma: public
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33583
Md5:    f6792a9ae3bc93e8b621f083efbbcc96
Sha1:   d6d3aa81dfb3899ec637d688fa5236c83987f470
Sha256: 3833d88d88c0664a5d3db184c35038aebc13f06e2798f949e72fba70cbc7a8e0
                                        
                                            GET /casumo/no/css/style.css HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 29 May 2018 12:33:23 GMT
Expires: Tue, 31 Jul 2018 22:54:03 GMT
Cache-Control: max-age=2592000
Pragma: public
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3887
Md5:    ff45d6087fe93c01884f11cda80bb9e8
Sha1:   f00d04d0b976875c943d687666fa81d80c51d227
Sha256: 3c19de765505a00a64f2cb0f4e4b3cec95fb0dbbf3b188a53d766cc2552a1891
                                        
                                            GET /casumo/no/js/bootstrap.min.js HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 29 May 2018 12:35:48 GMT
Expires: Tue, 31 Jul 2018 22:54:03 GMT
Cache-Control: max-age=2592000
Pragma: public
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   9865
Md5:    e49f64e2fdd7e0fb9512dfd3c81504cf
Sha1:   529f467a7b91fb2634dff3ceec599e4beaa98240
Sha256: e03a18c24f97c49dd37e61b763fe586128e9de6b720da726605ec1e1b5177a04
                                        
                                            GET /casumo/no/css/font-awesome.min.css HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 29 May 2018 12:33:22 GMT
Expires: Tue, 31 Jul 2018 22:54:03 GMT
Cache-Control: max-age=2592000
Pragma: public
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6125
Md5:    2a2d2edad25f5c55246bc4b25ca9d1ff
Sha1:   72adf206f1f487c1525ef403709b910a92ed08ff
Sha256: 6578b762b7a1c264cd468ea4c298b1bd05434fa5181efe33ffd09c7cc7168064
                                        
                                            GET /casumo/no/images/starburst_1.png HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Content-Length: 66634
Connection: keep-alive
Last-Modified: Tue, 29 May 2018 12:35:33 GMT
Expires: Thu, 30 Aug 2018 22:54:03 GMT
Cache-Control: max-age=5184000
Pragma: public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 270 x 200, 8-bit/color RGBA, non-interlaced
Size:   66634
Md5:    0d877260f19f5cd6f928983827b226c8
Sha1:   c17e05191f84821d06c6e38ed8039d5943821eb2
Sha256: 7389a02108ea56fb2c5f80c1a5055af71fda8bf4497f7b0728a8375d2d79346d
                                        
                                            GET /css?family=Open+Sans:300,400,600,700,800 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sun, 01 Jul 2018 22:54:05 GMT
Date: Sun, 01 Jul 2018 22:54:05 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   290
Md5:    472e8de87b47ad3672eb1a27fce4eda1
Sha1:   56c053b8e12d4425c659433b23c4122f37915494
Sha256: 5f537e65f40f8536ed91db78a7a1f25628b485cd7b975c1c927875f3e1e1dea2
                                        
                                            GET /casumo/no/images/twinspin_1.png HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Content-Length: 75548
Connection: keep-alive
Last-Modified: Tue, 29 May 2018 12:35:35 GMT
Expires: Thu, 30 Aug 2018 22:54:03 GMT
Cache-Control: max-age=5184000
Pragma: public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 345 x 200, 8-bit/color RGBA, non-interlaced
Size:   75548
Md5:    87bcc9930ec8ba130d072ecdfd1e8a6d
Sha1:   ad4408592fa73ec626f231f5aae29db6913d5f91
Sha256: c4ef2a343bb109e00d4775b6f867ff0e4bea32551d4dd0bf9c88deb7ac129f8f
                                        
                                            GET /casumo/no/images/spela_btn.gif HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Content-Length: 37220
Connection: keep-alive
Last-Modified: Tue, 29 May 2018 12:35:32 GMT
Expires: Thu, 30 Aug 2018 22:54:03 GMT
Cache-Control: max-age=5184000
Pragma: public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 338 x 128
Size:   37220
Md5:    111f7a1774096611ee0bb6f218a09da5
Sha1:   e4216f578bf4d34b265157c1c12d7688c377ac02
Sha256: 488922000b0f6d0979812c2dc91268f9aed5f68c4b66456e9b2b2330c745d67f
                                        
                                            GET /casumo/no/java/FWDEVPlayer.js HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 29 May 2018 12:35:39 GMT
Expires: Tue, 31 Jul 2018 22:54:03 GMT
Cache-Control: max-age=2592000
Pragma: public
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   74044
Md5:    a6c901a9b8457917a5032dfa9b33abef
Sha1:   f8861e07a547dd85642d394b86792982da88a4d6
Sha256: 992a1d13fefb71abd78e47e377b0a29b7e54a9e2a32c2e778ff99951ca8673c5
                                        
                                            GET /casumo/no/images/stop.png HTTP/1.1 
Host: www.pcmclks.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         31.204.152.179
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Content-Length: 16341
Connection: keep-alive
Last-Modified: Tue, 29 May 2018 12:35:34 GMT
Expires: Thu, 30 Aug 2018 22:54:03 GMT
Cache-Control: max-age=5184000
Pragma: public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 300 x 300, 8-bit colormap, non-interlaced
Size:   16341
Md5:    4df9cd8758d241c5e5cbc0ed4f5763a1
Sha1:   ea43763fef75d1402aeb30e43d685649f3f1a31c
Sha256: 0186583aa0e4f70f4e5477fcd47f62b172267372c841ed8ad665203c299ac8fd
                                        
                                            GET /css?family=Lato:400,900 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sun, 01 Jul 2018 22:54:05 GMT
Date: Sun, 01 Jul 2018 22:54:05 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   220
Md5:    5e1feee5439d961ad27dae92406857cc
Sha1:   f112203b9407368b9bca65073066fcb5546242ed
Sha256: 2092d1dc495800d7d1e985fae42b25d9a7fe359eb61ae280f4ca008ece59b4b0
                                        
GET /css?family=Libre+Franklin:400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sun, 01 Jul 2018 22:54:05 GMT
Date: Sun, 01 Jul 2018 22:54:05 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   321
Md5:    ad54fb326abb9ef6b9653f517f093cb4
Sha1:   1ce748db2fb62c96bfda7e7b4f02c60f78eeda73
Sha256: 9d9d8b7655ce9d25ebfd2dc6ed742837cc801da9727035151ec434c31569b2df
                                        
GET /casumo/no/images/gonzos_1.png HTTP/1.1
Host: www.pcmclks.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
31.204.152.179
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 01 Jul 2018 22:54:03 GMT
Content-Length: 55725
Connection: keep-alive
Last-Modified: Tue, 29 May 2018 12:35:29 GMT
Expires: Thu, 30 Aug 2018 22:54:03 GMT
Cache-Control: max-age=5184000
Pragma: public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 216 x 200, 8-bit/color RGBA, non-interlaced
Size:   55725
Md5:    a836444915a7e42f0bc5a30dd6cd6363
Sha1:   3b95c1a3ebc2ce3145ed177c36e020a30d197c71
Sha256: 9c98df6cd54f37226dc3b702adbf426c052a44e49b6278fa9e68ff70ceda202d
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jul 2018 22:54:06 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    47ead11db98f4a0a429e158be7ef4513
Sha1:   30766a920386bb11e63c93dc88145af7ac4e82f1
Sha256: 74368c822f0446c1a3ff6f98dd34b53dc9a91cb092b00260789a261a07808bac
                                        
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0d.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: https://www.pcmclks.com

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 17704
Date: Tue, 12 Jun 2018 17:33:16 GMT
Expires: Wed, 12 Jun 2019 17:33:16 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1660850
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  data
Size:   17704
Md5:    bf2d0783515b7d75c35bde69e01b3135
Sha1:   0e92462e402c15295366d912a7b8be303d0257d8
Sha256: 054349dda27b80bb105fbc59b5973ef9889ed976aca1fbe39f77688dcff8c552
                                        
POST / HTTP/1.1
Host: gn.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.12.2
Content-Length: 1419
Content-Transfer-Encoding: binary
Cache-Control: max-age=423021, public, no-transform, must-revalidate
Last-Modified: Fri, 29 Jun 2018 20:24:28 GMT
Expires: Fri, 6 Jul 2018 20:24:28 GMT
Date: Sun, 01 Jul 2018 22:54:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1419
Md5:    56e61ed6215dc76ea3259cb99cefe856
Sha1:   29e07350beeb374599605e243b41f16231497f0e
Sha256: 1a300903e25f4f471e511b0fcc2f6a77b7367fb9045806c90951f47aec717943
                                        
GET /s/opensans/v15/mem5YaGs126MiZpBA-UN8rsOUuhv.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: https://www.pcmclks.com

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18644
Date: Fri, 22 Jun 2018 13:52:11 GMT
Expires: Sat, 22 Jun 2019 13:52:11 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 810116
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  data
Size:   18644
Md5:    c6aa0c4a601fb6ac66f8253fa594dff5
Sha1:   35a06882e0df78a568fa526d384e3a55d368c81c
Sha256: 03f832f4dc715772a6686ce7cbe953b2dd4d88236ccd4fc93a8b62b279d43ac5
                                        
GET /casumo/no/images/casumo_bg_small.jpg HTTP/1.1
Host: www.pcmclks.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/css/style.css

                                         
31.204.152.179
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 01 Jul 2018 22:54:05 GMT
Content-Length: 199140
Connection: keep-alive
Last-Modified: Tue, 29 May 2018 12:35:28 GMT
Expires: Thu, 30 Aug 2018 22:54:05 GMT
Cache-Control: max-age=5184000
Pragma: public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   199140
Md5:    ee7ad1ad905097ac0196e4cd630f3c35
Sha1:   07532ccaf78a8f4f6e64b72f506a1cb9d1c03a2c
Sha256: 00d886f6aef592ca4cfb7c9c8daa38b73c0913e825be5fa8c27a4a0f8ab9ca2d
                                        
GET /redirect.aspx?pid=2662&bid=1545&AFFID=NO-pc28-2045607-2476246003-0-lnd HTTP/1.1
Host: ads.casumoaffiliates.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
146.177.40.248
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Cache-Control: private,no-cache, no-store
Pragma: no-cache
Location: https://www.casumo.com/affiliate/?destination=registration&btag=654623_5318A95273244859B2A3DC44E441C8BC&AFFID=NO-pc28-2045607-2476246003-0-lnd&pid=2662&bid=1545
Server: Microsoft-IIS/10.0
P3P: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version: 4.0.30319
Set-Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2662%2c%22BID%22%3a1545%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1530485648042)%5c%2f%22%2c%22CookieTag%22%3a%22154526623219210477C2018712354%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22141116395%7c1%22%7d%5d; expires=Tue, 01-Jul-3017 22:54:08 GMT; path=/
Request-Context: appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By: ASP.NET
Date: Sun, 01 Jul 2018 22:54:07 GMT
Connection: close
Content-Length: 0


--- Additional Info ---
                                        
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: no-cache
Date: Sun, 01 Jul 2018 22:54:08 GMT
Etag: "5b3585d2-1d7"
Expires: Sun, 01 Jul 2018 01:05:22 GMT
Last-Modified: Fri, 29 Jun 2018 01:05:22 GMT
Server: ECS (ams/49A4)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    818996af57a260a0a899e4b33041d473
Sha1:   81cfc0481e35ab24f5df4e6edf8c6c1047d433bf
Sha256: 198a89f89e4e98edc590dc4c42be52ca27ba329862423b01eb908c18f035e5c9
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: no-cache
Date: Sun, 01 Jul 2018 22:54:08 GMT
Etag: "5b358bb3-1d7"
Expires: Sun, 01 Jul 2018 01:30:27 GMT
Last-Modified: Fri, 29 Jun 2018 01:30:27 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e16ff1f04889b9b55bd15b559f6caccd
Sha1:   4746c6a86f215af42f8b41b3f369ccbcfcb4b190
Sha256: 53da1de97bde383eca60b55813b89f94fc6a3a54c25f03fb3cadee436eaf166e
                                        
GET /favicon.ico HTTP/1.1
Host: www.pcmclks.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
31.204.152.179
HTTP/1.1 200 OK
Content-Type: image/x-icon
Server: nginx
Date: Sun, 01 Jul 2018 22:54:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Feb 2017 12:46:31 GMT
Expires: Thu, 30 Aug 2018 22:54:07 GMT
Cache-Control: max-age=5184000
Pragma: public
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   82968
Md5:    bc57fffee42bb2f3d3a09c144d0e9bf2
Sha1:   25bb39976246921e5c8680ec65623e467340a15a
Sha256: 2cb3bd764a3f7e52f63e512179a7a331b389b1476e0af23768cc71b4d695c670
                                        
GET /affiliate/?destination=registration&btag=654623_5318A95273244859B2A3DC44E441C8BC&AFFID=NO-pc28-2045607-2476246003-0-lnd&pid=2662&bid=1545 HTTP/1.1
Host: www.casumo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566
Cookie: __cfduid=d680eeb60b2eaa87590bbe6664319d8d51530485648

                                         
104.16.26.10
HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 01 Jul 2018 22:54:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 433c73e99b76429d-OSL
Etag: W/"5b362ccb-c54f3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Last-Modified: Fri, 29 Jun 2018 12:57:47 GMT
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   465170
Md5:    98af19e0eb3430b1650f3ff85669263e
Sha1:   baa27449deaf53e03dc850037f6600888e9e38f3
Sha256: 86924c77305ba90c696fc5c6d65cab0f4fb0ebe8e49f68d9526399043cbcb507
                                        
GET /affiliate/?destination=registration&btag=654623_5318A95273244859B2A3DC44E441C8BC&AFFID=NO-pc28-2045607-2476246003-0-lnd&pid=2662&bid=1545 HTTP/1.1
Host: www.casumo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.pcmclks.com/casumo/no/index.php?site=pc28-2045607-2476246003-0-lnd&acsc=108980566

                                         
104.16.26.10
HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 01 Jul 2018 22:54:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d680eeb60b2eaa87590bbe6664319d8d51530485648; expires=Mon, 01-Jul-19 22:54:08 GMT; path=/; domain=.casumo.com; HttpOnly
CF-RAY: 433c73e57d2142b5-OSL
Etag: W/"5b362ccb-c54f3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Last-Modified: Fri, 29 Jun 2018 12:57:47 GMT
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---