CapTipper

Analysis Info

PCAP File Analysis Time CapTipper Version Traffic Time
/opt/Malware-Project/BigDataset/Scenarios/CTU-Malware-Capture-Botnet-144-1//2015-10-23_win5.pcap 10/23/15 13:02:10 0.2 b10 09/10/72 10:32:59

Flow View


Client Details

IP10.0.2.105
MAC08:00:27:ef:ee:34
USER-AGENTMozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)

Conversations

www.google.com    (173.194.116.243:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
0/text/html0.html302 FoundHTML258.0 B09/10/72 10:32:59

www.google.cz    (173.194.122.24:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
1/?gfe_rd=cr&ei=RtICVo7JFsuk8weDuLGgDAtext/html1.html302 FoundHTML274.0 B09/10/72 18:29:26
2/url?url=http://www.utorrent.com/&rct=j&frm=1&q=&esrc=s&sa=U&ved=0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o&usg=AFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zgtext/htmlurl200 OKTEXT511.0 B08/26/74 15:42:42

www.utorrent.com    (87.248.222.180:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
3/styles/components.css?1440188659text/csscomponents.css200 OKTEXT75.6 KB08/30/74 09:37:55
5/fonts/fontawesome/fontawesome-webfont.eot?application/octet-streamfontawesome-webfont.eot200 OKBINARY37.3 KB09/02/74 00:59:18
6/(2)text/html(2)200 OKHTML32.1 KB08/29/74 15:34:31
7/stylesheets/jquery.smartbanner.css?1416516159text/cssjquery.smartbanner.css200 OKTEXT3.9 KB09/10/74 23:15:54
8/scripts/vendor/modernizr.jsapplication/x-javascriptmodernizr.js200 OKTEXT12.5 KB09/10/74 23:09:01
9/scripts/jquery.smartbanner.jsapplication/x-javascriptjquery.smartbanner.js200 OKTEXT14.5 KB09/11/74 02:31:22
14/img/bkgd/header.jpgimage/jpegheader.jpg200 OKJPG24.8 KB10/15/74 09:02:52
18/img/icons/browser-download.pngimage/pngbrowser-download.png200 OKPNG1.0 KB10/14/74 08:40:36
19/img/logos/utorrent.pngimage/pngutorrent.png200 OKPNG2.5 KB10/17/74 03:49:40
20/scripts/headers.php?callback=jQuery11110801345304742395_1443023956355&_=1443023956356application/javascriptheaders.php200 OKTEXT264.0 B10/13/74 22:56:21
23/img/icons/menu-white.pngimage/pngmenu-white.png200 OKPNG142.0 B10/17/74 18:07:08
24/img/home/bundle-diplo.pngimage/pngbundle-diplo.png200 OKPNG51.2 KB10/13/74 23:25:12
25/img/home/bundle-thom-yorke.pngimage/pngbundle-thom-yorke.png200 OKPNG64.6 KB10/13/74 23:20:23
26/img/icons/checkmark-white.pngimage/pngcheckmark-white.png200 OKPNG211.0 B10/26/74 08:08:29
27/img/icons/feather.pngimage/pngfeather.png200 OKPNG2.1 KB10/25/74 21:00:08
28/img/icons/clock.pngimage/pngclock.png200 OKPNG3.4 KB10/25/74 21:07:08
29/img/home/bundle-g-eazy.pngimage/pngbundle-g-eazy.png200 OKPNG14.0 KB10/25/74 19:01:26
30/img/home/bundle-mood-indigo.pngimage/pngbundle-mood-indigo.png200 OKPNG83.4 KB10/25/74 19:55:39
32/img/icons/browser-search.pngimage/pngbrowser-search.png200 OKPNG1.5 KB10/25/74 22:01:51
33/img/bkgd/heroBkgd.jpgimage/jpegheroBkgd.jpg200 OKJPG73.2 KB10/25/74 20:05:05
34/img/icons/lightning.pngimage/pnglightning.png200 OKPNG1.7 KB11/18/74 01:51:42
37/img/icons/arrow-download.pngimage/pngarrow-download.png200 OKPNG192.0 B11/18/74 01:59:09
38/img/icons/bundle.pngimage/pngbundle.png200 OKPNG2.6 KB11/18/74 02:05:53
39/img/icons/browser-download-files.pngimage/pngbrowser-download-files.png200 OKPNG970.0 B11/18/74 02:56:49
40/img/icons/browser-play.pngimage/pngbrowser-play.png200 OKPNG1.8 KB11/18/74 03:04:14
51/scripts/app.jsapplication/x-javascriptapp.js200 OKTEXT1.7 KB11/26/74 18:08:41
52/scripts/jquery.colorbox-min.jsapplication/x-javascriptjquery.colorbox-min.js200 OKTEXT11.5 KB12/04/74 19:32:48
54/scripts/main.min.jsapplication/x-javascriptmain.min.js200 OKTEXT28.7 KB12/05/74 03:34:41
56/scripts/tracking.jsapplication/x-javascripttracking.js200 OKTEXT3.3 KB12/05/74 11:22:22
69/faviconUT.icoimage/x-iconfaviconUT.ico200 OKICO1.3 KB01/26/75 20:23:37
76/downloads/complete/os/win/track/stabletext/htmlstable200 OKHTML22.0 KB08/20/76 15:29:11
77/styles/components.css?1440188658text/csscomponents.css200 OKTEXT75.6 KB08/21/76 14:43:05
78/stylesheets/jquery.smartbanner.css?1416516157text/cssjquery.smartbanner.css200 OKTEXT3.9 KB09/02/76 03:42:53
81/scripts/headers.php?callback=jQuery11110705322533210397_1443024016311&_=1443024016312application/javascriptheaders.php200 OKTEXT264.0 B09/06/76 08:07:18
96/scripts/headers.php?callback=jQuery111104240860805529003_1443024044119&_=1443024044120application/javascriptheaders.php200 OKTEXT265.0 B07/25/77 09:47:26
126/download/langpacks/dl.php?build=41073&ref=client&client=utorrent&sys_l=en&sel_l=-1&tk=stable34(2)text/htmldl.php301 Moved PermanentlyHTML184.0 B10/07/84 22:19:01
133/scripts/dl.php?build=41073&ref=client&client=utorrent&sys_l=en&sel_l=-1&tk=stable34application/x-utorrent-languageutorrent.lng200 OKZIP1.3 MB10/12/84 19:04:29

fonts.googleapis.com    (64.233.166.95:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
4/css?family=Open+Sans:400,300,700,600text/csscss200 OKTEXT186.0 B08/30/74 18:06:56

ajax.googleapis.com    (74.125.71.95:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
10/ajax/libs/jquery/1.11.1/jquery.min.jstext/javascriptjquery.min.js200 OKTEXT32.4 KB10/04/74 09:08:52

cdn.optimizely.com    (93.184.220.20:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
11/js/50136351.jstext/javascript50136351.js200 OKTEXT112.7 KB10/04/74 06:26:35

cdn3.optimizely.com    (23.34.180.211:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
12/js/geo2.jsapplication/x-javascriptgeo2.js200 OKTEXT287.0 B10/11/74 10:54:03

50136351.log.optimizely.com    (50.19.224.43:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
13/event?a=50136351&d=8230037&y=false&src=js&s172226670=none&s172411375=ie&s172074712=false&s172441755=search&tsent=1443023956.375&n=http%3A%2F%2Fwww.utorrent.com%2F&u=oeu1443023956265r0.5192214111748676&time=1443023956.375&f=3406420594&g=image/gifevent200 OKGIF35.0 B10/14/74 22:10:15
17/event?a=50136351&d=8230037&y=false&src=js&s172226670=none&s172411375=ie&s172074712=false&s172441755=search&tsent=1443023956.295&n=http%3A%2F%2Fwww.utorrent.com%2F&u=oeu1443023956265r0.5192214111748676&time=1443023956.275&f=3406420594&g=image/gifevent200 OKGIF35.0 B10/15/74 07:13:52
72/event?a=50136351&d=8230037&y=false&src=js&s172226670=none&s172411375=ie&s172074712=false&s172441755=search&tsent=1443023980.64&n=engagement&u=oeu1443023956265r0.5192214111748676&time=1443023980.63&f=3406420594&g=50173152image/gifevent200 OKGIF35.0 B07/21/75 07:47:29
80/event?a=50136351&d=8230037&y=false&src=js&s172226670=none&s172411375=ie&s172074712=false&s172441755=search&tsent=1443024016.281&n=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&u=oeu1443023956265r0.5192214111748676&time=1443024016.281&f=3406420594&g=image/gifevent200 OKGIF35.0 B09/05/76 21:22:12
87/event?a=50136351&d=8230037&y=false&src=js&s172226670=none&s172411375=ie&s172074712=false&s172441755=search&tsent=1443024016.642&n=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&u=oeu1443023956265r0.5192214111748676&time=1443024016.642&f=3406420594&g=image/gifevent200 OKGIF35.0 B09/10/76 02:00:51
93/event?a=50136351&d=8230037&y=false&src=js&s172226670=none&s172411375=ie&s172074712=false&s172441755=search&tsent=1443024044.069&n=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&u=oeu1443023956265r0.5192214111748676&time=1443024044.069&f=3406420594&g=image/gifevent200 OKGIF35.0 B07/24/77 15:13:46
99/event?a=50136351&d=8230037&y=false&src=js&s172226670=none&s172411375=ie&s172074712=false&s172441755=search&tsent=1443024044.169&n=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&u=oeu1443023956265r0.5192214111748676&time=1443024044.169&f=3406420594&g=image/gifevent200 OKGIF35.0 B07/25/77 21:06:10

static.bitmedianetwork.com    (104.16.13.8:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
15/ados.jsapplication/javascriptados.js200 OKTEXT7.2 KB10/14/74 01:29:49

www.google-analytics.com    (216.58.211.14:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
16/analytics.jstext/javascriptanalytics.js200 OKTEXT10.7 KB10/13/74 23:49:01
35/collect?v=1&_v=j39&a=726888813&t=pageview&_s=1&dl=http%3A%2F%2Fwww.utorrent.com%2F&dr=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg&ul=en-us&de=utf-8&dt=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=658x464&je=0&fl=10.0%20r22&_u=AGAAgE~&jid=1580594012&cid=1523440909.1443023957&tid=UA-116155-1&z=1523448594image/gifcollect200 OKGIF35.0 B11/24/74 10:08:26
55/collect?v=1&_v=j39&a=726888813&t=event&ni=1&_s=2&dl=http%3A%2F%2Fwww.utorrent.com%2F&dr=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg&ul=en-us&de=utf-8&dt=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=658x464&je=0&fl=10.0%20r22&ec=Reading&ea=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&el=Article%20Loaded&ev=1&_u=CGAAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&z=1010817130image/gifcollect200 OKGIF35.0 B12/06/74 17:41:01
73/collect?v=1&_v=j39&a=726888813&t=event&ni=1&_s=3&dl=http%3A%2F%2Fwww.utorrent.com%2F&dr=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg&ul=en-us&de=utf-8&dt=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=658x464&je=0&fl=10.0%20r22&ec=Reading&ea=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&el=Start%20Reading&ev=1&_u=CGAAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&z=1190320299image/gifcollect200 OKGIF35.0 B07/22/75 17:32:43
74/collect?v=1&_v=j39&a=726888813&t=event&ni=1&_s=4&dl=http%3A%2F%2Fwww.utorrent.com%2F&dr=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg&ul=en-us&de=utf-8&dt=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=658x464&je=0&fl=10.0%20r22&ec=Reading&ea=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&el=Content%20Bottom&ev=1&_u=SGAAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&cm1=20&cd1=Scanner&z=614319518image/gifcollect200 OKGIF35.0 B07/22/75 21:54:59
75/collect?v=1&_v=j39&a=726888813&t=event&ni=1&_s=5&dl=http%3A%2F%2Fwww.utorrent.com%2F&dr=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg&ul=en-us&de=utf-8&dt=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=658x464&je=0&fl=10.0%20r22&ec=Reading&ea=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&el=Page%20Bottom&ev=1&_u=SGAAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&cm1=20&cd1=Scanner&cm2=0&z=1426284219image/gifcollect200 OKGIF35.0 B01/09/76 21:31:48
79/collect?v=1&_v=j39&a=727441231&t=pageview&_s=1&dl=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&ul=en-us&de=utf-8&dt=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=675x481&je=0&fl=10.0%20r22&_u=ACCAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&z=402124878image/gifcollect200 OKGIF35.0 B09/06/76 07:08:26
85/r/collect?v=1&_v=j39&a=727441231&t=event&ni=0&_s=1&dl=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&ul=en-us&de=utf-8&dt=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=658x464&je=0&fl=10.0%20r22&ec=download%20complete&ea=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&el=http%3A%2F%2Fwww.utorrent.com%2F&_u=SCCAAEAAI~&jid=1977814313&cid=1523440909.1443023957&tid=UA-116155-1&_r=1>m=GTM-M5F5X5&z=224425940image/gifcollect200 OKGIF35.0 B09/10/76 21:07:43
91/collect?v=1&_v=j39&a=727441231&t=event&ni=1&_s=2&dl=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&ul=en-us&de=utf-8&dt=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=675x481&je=0&fl=10.0%20r22&ec=Reading&ea=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&el=Article%20Loaded&ev=1&_u=SCCAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&z=499862515image/gifcollect200 OKGIF35.0 B09/17/76 02:33:52
92/collect?v=1&_v=j39&a=1588093984&t=pageview&_s=1&dl=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&ul=en-us&de=utf-8&dt=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=675x481&je=0&fl=10.0%20r22&_u=ACCAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&z=532455452image/gifcollect200 OKGIF35.0 B07/25/77 09:10:40
95/collect?v=1&_v=j39&a=1588093984&t=event&ni=0&_s=1&dl=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&ul=en-us&de=utf-8&dt=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=658x464&je=0&fl=10.0%20r22&ec=download%20complete&ea=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&el=&_u=SCCAAEAAI~&jid=&cid=1523440909.1443023957&tid=UA-116155-1>m=GTM-M5F5X5&z=1516111124image/gifcollect200 OKGIF35.0 B07/27/77 06:07:26
97/collect?v=1&_v=j39&a=1588093984&t=event&ni=1&_s=2&dl=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&ul=en-us&de=utf-8&dt=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&sd=32-bit&sr=679x656&vp=675x481&je=0&fl=10.0%20r22&ec=Reading&ea=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&el=Article%20Loaded&ev=1&_u=SCCAgE~&jid=&cid=1523440909.1443023957&tid=UA-116155-1&z=514481245image/gifcollect200 OKGIF35.0 B07/27/77 15:39:31

ssum.casalemedia.com    (195.113.232.73:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
21/usermatch?s=180334&cb=http%3A%2F%2Fengine.bitmedianetwork.com%2Fudb%2F5682%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3Dtext/htmlusermatch302 Moved TemporarilyHTML341.0 B10/14/74 12:13:49
22/usermatch?s=180334&cb=http%3A%2F%2Fengine.bitmedianetwork.com%2Fudb%2F5682%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1text/htmlusermatch200 OKHTML1.8 KB10/18/74 03:13:48

fonts.gstatic.com    (173.194.113.127:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
31/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3fY6323mHUZFJMgTvxaG2iE.eotfont/eotcJZKeOuBrn4kERxqtaUH3fY6323mHUZFJMgTvxaG2iE.eot200 OKBINARY17.5 KB10/14/74 08:53:55

www.googletagmanager.com    (216.58.211.8:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
36/gtm.js?id=GTM-M5F5X5application/javascriptgtm.js200 OKTEXT18.2 KB11/20/74 03:57:47

sync.mathtag.com    (185.29.134.233:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
41/sync/img?mt_exid=15&redir=http%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5Dimage/gifimg302 Moved Temporarily0.0 B11/28/74 00:00:58
4016/sync/img?mt_exid=15&redir=http%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&mm_bnc&mm_bctimage/gifimg302 Moved Temporarily0.0 B11/28/74 11:31:28

dsum.casalemedia.com    (195.113.232.82:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
42/crum?cm_dsp_id=3&external_user_id=77845602-d28c-4d00-bb2d-273005b74632image/gifcrum200 OKGIF43.0 B11/29/74 01:26:30
45/rum?cm_dsp_id=57&external_user_id=1048283186073115191image/gifrum200 OKGIF43.0 B11/30/74 22:38:30
48/crum?cm_dsp_id=46&external_user_id=3536195324006341094image/gifcrum200 OKGIF43.0 B12/01/74 18:58:41
50/crum?cm_dsp_id=39&external_user_id=cfdd9504-20f7-4e2a-9a35-0a2a7e568655&expiration=1445617552image/gifcrum200 OKGIF43.0 B12/02/74 07:14:33
57/crum?cm_dsp_id=20&external_user_id=1968d6c7-e6cc-4dec-8f8d-3adb0a2fb2f8image/gifcrum200 OKGIF43.0 B12/09/74 19:23:00
60/crum?external_user_id=ac17663dd49b113837f0c4607492e739&ak=283ca06c&cm_dsp_id=95&expiration=1443630349image/gifcrum200 OKGIF43.0 B12/11/74 15:27:56
67/rum?cm_dsp_id=4&external_user_id=2430055859827244307image/gifrum200 OKGIF43.0 B01/14/75 20:44:45
88/rum?cm_dsp_id=90&external_user_id=B9E96132C4D202563078C31502B3B81Bimage/gifrum200 OKGIF43.0 B09/11/76 07:55:40

b.scorecardresearch.com    (195.113.232.96:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
43/b?c1=2&c2=17330952&ns__t=1443023960451&ns_c=windows-1252&c8=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&c7=http%3A%2F%2Fwww.utorrent.com%2F&c9=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zgb302 Moved Temporarily0.0 B11/30/74 00:11:15
66/b2?c1=2&c2=17330952&ns__t=1443023960451&ns_c=windows-1252&c8=%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&c7=http%3A%2F%2Fwww.utorrent.com%2F&c9=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zgb2204 No Content0.0 B11/30/74 01:03:30
68/c2/17330952/cs.jsapplication/x-javascriptcs.js200 OKGZ20.0 B01/15/75 00:01:27
94/b?c1=2&c2=17330952&ns__t=1443024016702&ns_c=windows-1252&c8=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&c7=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&c9=http%3A%2F%2Fwww.utorrent.com%2Fb204 No Content0.0 B09/10/76 21:11:57
160/b?c1=2&c2=17330952&ns__t=1443024044260&ns_c=windows-1252&c8=Download%20complete%20-%20%CE%BCTorrent%C2%AE%20(uTorrent)%20-%20a%20(very)%20tiny%20BitTorrent%20client&c7=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable&c9=b204 No Content0.0 B07/27/77 06:11:45

engine.bitmedianetwork.com    (54.243.75.71:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
44/ados?t=1443023960201&request={"Placements":[{"A":5682,"S":55041,"D":"azk46597","ATA":[4,925],"Z":57120,"Properties":{"x-index-domain":"bitmedianetwork.com"}}],"Keywords":"undefined","Referrer":"http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg","IsAsync":true}application/javascriptados200 OKTEXT1.0 KB11/28/74 16:02:23
53/udb/5682/sync/i.gif?partnerId=1&userId=VgLSiLlQJkUAAFkbVPIAAAAN%26310image/gifi.gif200 OKGIF43.0 B11/29/74 04:47:09

ib.adnxs.com    (37.252.163.222:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
46/getuid?http://dsum.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UIDtext/htmlgetuid302 Found0.0 B11/28/74 09:27:50
70/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UIDtext/htmlbounce302 Found0.0 B12/01/74 10:29:20

match.adsrvr.org    (54.247.102.54:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
47/track/cmf/casale?cm_dsp_id=39&cm_callback_url=http%3A%2F%2Fdsum.casalemedia.com%2Fcrum&cm_user_id=VgLSiLlQJkUAAFkbVPIAAAANtext/htmlcasale302 FoundTEXT323.0 B11/28/74 12:21:05
49/track/cmb/casale?cm_dsp_id=39&cm_callback_url=http%3A%2F%2Fdsum.casalemedia.com%2Fcrum&cm_user_id=VgLSiLlQJkUAAFkbVPIAAAANtext/htmlcasale302 FoundTEXT273.0 B12/01/74 16:10:47

dis.criteo.com    (178.250.2.76:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
58/dis/usersync.aspx?r=10&p=7&cp=casaleP&cu=1&url=http%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D20%26external_user_id%3D%40%40CRITEO_USERID%40%40text/htmlusersync.aspx302 FoundHTML220.0 B12/09/74 14:28:45

dmp.truoptik.com    (174.36.220.228:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
59/tr.gif?ak=283ca06c&cm_dsp_id=95&expiration=(dtu%2B604800)&cbp=external_user_id&cbc=expiration&cbk=http%3A%2F%2Fdsum.casalemedia.com%2Fcrumtext/htmltr.gif302 Moved TemporarilyHTML154.0 B12/10/74 12:35:17

edge.quantserve.com    (195.113.232.89:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
61/quant.jsapplication/x-javascriptquant.js200 OKTEXT3.0 KB12/11/74 15:43:47

magnetic.t.domdex.com    (54.246.111.235:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
62/sync/casaleimage/gifcasale200 OKGIF43.0 B12/10/74 04:29:28

pixel.quantserve.com    (95.172.94.36:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
63/pixel;r=349819760;a=p-f87ZgUEkM-SZY;fpan=1;fpa=P0-1091269716-1443023961502;ns=0;ce=1;cm=;je=1;sr=679x656x32;enc=n;dst=1;et=1443023961502;tzo=420;ref=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg;url=http%3A%2F%2Fwww.utorrent.com%2F;ogl=title.%C2%B5Torrent%20-%20a%20(very)%20tiny%20BitTorrent%20client%2Ctype.website%2Cimage.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fimages%2Finterface%2FutorrentLogoRetina%252Epng%2Curl.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2F%2Cdescription.The%20official%20%C2%B5Torrent%C2%AE%20(uTorrent)%20torrent%20client%20for%20Windows%252C%20Mac%252C%20Android%20and%20Limage/gifpixel;r=349819760;a=p-f87ZgUEkM-SZY;fpan=1;fpa=P0-1091269716-1443023961502;ns=0;ce=1;cm=;je=1;sr=679x656x32;enc=n;dst=1;et=1443023961502;tzo=420;ref=http%3A%2F%2Fwww.google.cz%2Furl%3Furl%3Dhttp%3A%2F%2Fwww.utorrent.com%2F%26rct%3Dj%26frm%3D1%26q%3D%26esrc%3Ds%26sa%3DU%26ved%3D0CCwQFjAEahUKEwihkfL6yI3IAhXCDSwKHa-SC3o%26usg%3DAFQjCNF-qUkRyEUfjBQWL5OnjP8AZZN4Zg;url=http%3A%2F%2Fwww.utorrent.com%2F;ogl=title.%C2%B5Torrent%20-%20a%20(very)%20tiny%20BitTorrent%20client%2Ctype.website%2Cimage.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fimages%2Finterface%2FutorrentLogoRetina%252Epng%2Curl.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2F%2Cdescription.The%20official%20%C2%B5Torrent%C2%AE%20(uTorrent)%20torrent%20client%20for%20Windows%252C%20Mac%252C%20Android%20and%20L200 OKGIF35.0 B12/12/74 00:54:27
89/pixel;r=1848117089;a=p-f87ZgUEkM-SZY;fpan=0;fpa=P0-1091269716-1443023961502;ns=0;ce=1;cm=;je=1;sr=679x656x32;enc=n;dst=1;et=1443024016712;tzo=420;ref=http%3A%2F%2Fwww.utorrent.com%2F;url=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable;ogl=title.Download%20complete%20-%20%2Ctype.website%2Cimage.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fimages%2Finterface%2FutorrentLogoRetina%252Epng%2Curl.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable%2Cdescription.Download%20the%20official%20%C2%B5Torrent%C2%AE%20(uTorrent)%20torrent%20client%20for%20Windows%252C%20Mac%252C%20Andrimage/gifpixel;r=1848117089;a=p-f87ZgUEkM-SZY;fpan=0;fpa=P0-1091269716-1443023961502;ns=0;ce=1;cm=;je=1;sr=679x656x32;enc=n;dst=1;et=1443024016712;tzo=420;ref=http%3A%2F%2Fwww.utorrent.com%2F;url=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable;ogl=title.Download%20complete%20-%20%2Ctype.website%2Cimage.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fimages%2Finterface%2FutorrentLogoRetina%252Epng%2Curl.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable%2Cdescription.Download%20the%20official%20%C2%B5Torrent%C2%AE%20(uTorrent)%20torrent%20client%20for%20Windows%252C%20Mac%252C%20Andr200 OKGIF35.0 B09/11/76 02:18:30
98/pixel;r=1821806163;a=p-f87ZgUEkM-SZY;fpan=0;fpa=P0-1091269716-1443023961502;ns=0;ce=1;cm=;je=1;sr=679x656x32;enc=n;dst=1;et=1443024044270;tzo=420;ref=;url=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable;ogl=title.Download%20complete%20-%20%2Ctype.website%2Cimage.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fimages%2Finterface%2FutorrentLogoRetina%252Epng%2Curl.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable%2Cdescription.Download%20the%20official%20%C2%B5Torrent%C2%AE%20(uTorrent)%20torrent%20client%20for%20Windows%252C%20Mac%252C%20Andrimage/gifpixel;r=1821806163;a=p-f87ZgUEkM-SZY;fpan=0;fpa=P0-1091269716-1443023961502;ns=0;ce=1;cm=;je=1;sr=679x656x32;enc=n;dst=1;et=1443024044270;tzo=420;ref=;url=http%3A%2F%2Fwww.utorrent.com%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable;ogl=title.Download%20complete%20-%20%2Ctype.website%2Cimage.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fimages%2Finterface%2FutorrentLogoRetina%252Epng%2Curl.http%3A%2F%2Fwww%252Eutorrent%252Ecom%2Fdownloads%2Fcomplete%2Fos%2Fwin%2Ftrack%2Fstable%2Cdescription.Download%20the%20official%20%C2%B5Torrent%C2%AE%20(uTorrent)%20torrent%20client%20for%20Windows%252C%20Mac%252C%20Andr200 OKGIF35.0 B07/27/77 10:59:33

ad.turn.com    (46.228.164.11:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
64/server/pixel.htm?fpid=21&sp=ytext/htmlpixel.htm200 OKHTML371.0 B12/10/74 04:26:23

cdn.turn.com    (195.113.232.81:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
65/server/ddc.htm?uid=2430055859827244307&rnd=8699066541126974739&fpid=21&nu=y&t=&sp=y&purl=&ctid=3&cyid=3text/htmlddc.htm200 OKHTML5.4 KB01/14/75 18:46:30

a.rfihub.com    (185.31.128.208:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
71/cm?cm_dsp_id=57&cm_callback_url=http%3A%2F%2Fdsum.casalemedia.com%2Fcrum&cm_user_id=VgLSiLlQJkUAAFkbVPIAAAANcm302 Found0.0 B11/28/74 05:13:18

cas.pxl.ace.advertising.com    (64.12.68.41:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
82/cfcm.ashx?providerId=1013&extMatch=1&rcode=1cfcm.ashx302 Found0.0 B09/08/76 23:30:24
113/cfcm.ashx?providerId=1013&extMatch=1&rcode=1&ctst=1cfcm.ashx302 Found0.0 B09/10/76 07:17:58

pr-bh.ybp.yahoo.com    (77.238.185.35:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
83/sync/casale/VgLSiLlQJkUAAFkbVPIAAAAN%26310image/gifVgLSiLlQJkUAAFkbVPIAAAAN%26310200 OKGIF43.0 B09/07/76 21:11:14

pixel.everesttech.net    (66.117.28.68:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
84/1/gr?url=http%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGCK__text/htmlgr302 FoundHTML439.0 B09/07/76 23:07:29

um.simpli.fi    (50.97.233.185:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
86/pm_match?http://dsum.casalemedia.com/rum?cm_dsp_id=90&external_user_id=$UIDtext/htmlpm_match302 Moved TemporarilyHTML154.0 B09/09/76 09:44:40

r.casalemedia.com    (23.34.186.99:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
90/rum?cm_dsp_id=62&external_user_id=bx550014430256040074image/gifrum200 OKGIF43.0 B09/12/76 04:01:56

download.ap.bittorrent.com    (67.215.238.66:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
100/track/stable/endpoint/utorrent/os/windowsapplication/x-msdownload"uTorrent.exe"200 OKEXE1.7 MB07/29/77 15:43:19

csc3-2010-aia.verisign.com    (23.50.101.163:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
101/CSC3-2010.certext/plainCSC3-2010.cer200 OKBINARY1.5 KB02/04/79 08:47:23

ocsp.verisign.com    (23.50.107.27:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
102/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEFIA5aolVvwahu2WydRLM8c%3Dapplication/ocsp-responseMFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEFIA5aolVvwahu2WydRLM8c%3D200 OKBINARY1.7 KB02/07/79 08:10:12
103/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTSqZMG5M8TA9rdzkbCnNwuMAd5VgQUz5mp6nsm9EvJjo%2FX8AUm7%2BPSp50CEFcywVdOavgo4bT5Ors07Qg%3Dapplication/ocsp-responseMFEwTzBNMEswSTAJBgUrDgMCGgUABBTSqZMG5M8TA9rdzkbCnNwuMAd5VgQUz5mp6nsm9EvJjo%2FX8AUm7%2BPSp50CEFcywVdOavgo4bT5Ors07Qg%3D200 OKBINARY1.7 KB02/07/79 21:36:18

i-50.b-000.xyz.bench.utorrent.com    (54.243.219.16:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
104/e?i=50text/htmle200 OKTEXT21.0 B03/26/79 08:38:18

download-lb.utorrent.com    (67.215.238.66:80)
IDURIRESPONSE TYPEFILENAMERESPONSE CODEMAGICSIZETIME
105/endpoint/hydra-ut/os/win/track/stable/browser/ie/os-region/US/os-lang/en/os-ver/6.1/enc-ver/109813873/application/octet-stream"hta.zip"200 OKZIP2.1 MB03/27/79 11:24:55