Overview

URL basin.riddleaftermath.host/?affId=1006
IP 143.204.51.134
ASN
Location United States
Report completed 2018-12-28 16:50:20 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-12-28 2 basin.riddleaftermath.host/?affId=1006 Malware
2018-12-28 2 camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/ Malware
2018-12-28 2 camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/ht/HelveNueThin_g (...) Malware
2018-12-28 2 camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/hm/Helvetica67-Co (...) Malware
2018-12-28 2 camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/hm/Helvetica67-Co (...) Malware
2018-12-28 2 camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/ht/HelveNueThin_g (...) Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 143.204.51.134

Date UQ / IDS / BL URL IP
2019-02-19 01:29:12 +0100 0 - 0 - 0 d1lxhc4jvstzrp.cloudfront.net 143.204.51.134
2019-02-17 07:24:53 +0100 0 - 2 - 0 kindleforpc.amazon.com/40514/KindleForPC-inst (...) 143.204.51.134
2019-02-02 06:55:12 +0100 0 - 0 - 1 tax.tongueseashore.host/sGsXcmYZdaRaFXjWBac2W (...) 143.204.51.134
2019-01-20 13:24:26 +0100 0 - 2 - 0 d1yhfmaeqoavae.cloudfront.net/SilentInstaller (...) 143.204.51.134
2019-01-06 01:47:49 +0100 0 - 0 - 1 attraction.teamgeese.pw/e437fb574042b9eb62583 (...) 143.204.51.134
2019-01-06 01:47:06 +0100 0 - 4 - 1 attraction.teamgeese.pw/712738a2a06656626968c (...) 143.204.51.134
2018-12-16 14:39:14 +0100 0 - 3 - 0 d27ofrk4ubiq4a.cloudfront.net/prepreinstaller (...) 143.204.51.134
2018-12-15 18:30:38 +0100 0 - 3 - 0 d27ofrk4ubiq4a.cloudfront.net/prepreinstaller (...) 143.204.51.134
2018-12-15 06:50:21 +0100 0 - 0 - 1 day.observationvein.fun/m9ZH3GmocdB3HJeNacJum (...) 143.204.51.134
2018-12-14 09:21:10 +0100 0 - 2 - 0 d3kj6o4rxau601.cloudfront.net/xiaoqing/free_y (...) 143.204.51.134

Last 10 reports on ASN:


No other reports on domain: riddleaftermath.host



JavaScript

Executed Scripts (3)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (19)


Request Response
                                        
GET /?affId=1006 HTTP/1.1
Host: basin.riddleaftermath.host
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
143.204.51.156
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:46 GMT
X-Powered-By: PHP/5.5.38
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a3.cloudfront.net (CloudFront)
X-Amz-Cf-Id: e3-p3yoXa9AnDUC2VQ9nzjNP-VZHwNxw2IyUDErOKuLyPZPti7yVhQ==


--- Additional Info ---
Magic:  HTML document text
Size:   6858
Md5:    604ffc91f0a1d02a4172562af640a333
Sha1:   b64e9ad80ef1a8d93ae9e62824001cf6808a2e3f
Sha256: 2d845f51645cc03bacaada83b3012040f09634f64d9ec48a748fadea12c94415

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /favicon.ico HTTP/1.1
Host: basin.riddleaftermath.host
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
143.204.51.156
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:47 GMT
X-Cache: Error from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a3.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6_U2ZutzU6IJaenreoEs_YV1ej0Hhs1PcMCix_IRH4XoYgZqPOKLAg==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196
                                        
GET /7e6e0edc06bb33309bfdb6f32abe2d24ecc336ea6ec2a46b1746b1f6f5d2379b/ HTTP/1.1
Host: condition.knifething.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
143.204.51.71
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:47 GMT
X-Powered-By: PHP/5.5.38
Location: http://camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: fiK8_RC7PwbU5jtxWsOQ8hx2BjCzZYQoIWaylTD_QoCwY3ACzELmlg==


--- Additional Info ---
                                        
GET /cbiFXvVGmaxXlNa1jYpBn2ZbblGs/ HTTP/1.1
Host: camp.oatmealtheory.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
143.204.51.16
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:47 GMT
X-Powered-By: PHP/5.5.38
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6P2xvtltQFrxxU6ERF0XXUv_TpDAwssDxJpuOAXWeBukTunTdOfb6g==


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   52525
Md5:    d1834a5c17f3414f6803ff0178bbbff5
Sha1:   f4a9030e2a0d4e86dd80382b03dfb2319524014e
Sha256: ac9734f345e75c52b5e70b2d01cabb76d7dbe980ea0742fd7dcd656edcf35c24

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.21.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Dec 2018 15:49:48 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ede2148d01e4f7914af868ec38178133
Sha1:   f6f465e8a9816332d2e33136e96e8aebd84a3357
Sha256: eaedd56c1768b96a030e9e3423c6c539ea129374efd7cd285f81bb2fb1d2b1f9
                                        
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
172.217.21.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Dec 2018 15:49:48 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
GET /css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/

                                         
216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 28 Dec 2018 15:49:48 GMT
Date: Fri, 28 Dec 2018 15:49:48 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   353
Md5:    19a7965e74f1c41d985be83fee4b9410
Sha1:   8aebabf91cdd016b35917e660bb4b43f89d56217
Sha256: ae3c9493bde0e0054fed5b805c801de044acf5d2fc15fb98bfbac48d4a748ddf
                                        
GET /ajax/libs/jquery/1.12.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/

                                         
216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 34044
Date: Thu, 20 Dec 2018 18:34:47 GMT
Expires: Fri, 20 Dec 2019 18:34:47 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 681301
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   34044
Md5:    b3cd7cd77fcf396fb3583f694b97afd2
Sha1:   504abae8d7d6336f7d927f0c9b1a3e5603bcbb0a
Sha256: 2ab50e989b465de58a2f3299126bbf76949081a5c7398dd78f2d34445fa193e3
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.21.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Dec 2018 15:49:48 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    27aa9aa26a6c3455227d61136cea214f
Sha1:   f8c5f02bbaf5b6698579dd7cbc5b2f7588a12924
Sha256: 88fecab4404901147bef34a7a08d5655fb3eebee52776a5b28f4635b607e10df
                                        
GET /cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/ht/HelveNueThin_gdi.woff HTTP/1.1
Host: camp.oatmealtheory.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/

                                         
143.204.51.16
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:48 GMT
X-Cache: Error from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ZC2axwZ-Z5Hki0JUadmEtA0Z89EVwhlKGcExwYXRCnfzouufMBQOzQ==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/hm/Helvetica67-CondensedMedium_gdi.woff HTTP/1.1
Host: camp.oatmealtheory.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/

                                         
143.204.51.16
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:48 GMT
X-Cache: Error from cloudfront
Via: 1.1 f7b07679ea4f3642f4316819f86992ab.cloudfront.net (CloudFront)
X-Amz-Cf-Id: _N1nDOfBU3ANVjq8plft6RofxAGYtv4cmIA-l3B-0GQh_XkvMRg9BA==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7Cw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400
Origin: http://camp.oatmealtheory.xyz

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19716
Date: Thu, 20 Dec 2018 18:40:55 GMT
Expires: Fri, 20 Dec 2019 18:40:55 GMT
Last-Modified: Wed, 11 Oct 2017 18:25:04 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 680933
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   19716
Md5:    6da41a0de9bcf1627a01686cb1cd0d31
Sha1:   23d89b2609f314167ce3f29232b9881a8986c106
Sha256: 7f13afb794a79e345e954c28ee5fa5def27c084819335540e0d87eafc271d2d3
                                        
GET /s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhv.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400
Origin: http://camp.oatmealtheory.xyz

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18476
Date: Thu, 20 Dec 2018 18:40:33 GMT
Expires: Fri, 20 Dec 2019 18:40:33 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 680955
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   18476
Md5:    623e3205570002af47fc2b88f9335d19
Sha1:   b5f79d1934da79c8a4ba381092dad82ffb0582cb
Sha256: 5e03e0c7668266486cab9529702019d75c219fcec2b1e82a7c11797ba9b78506
                                        
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0d.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400
Origin: http://camp.oatmealtheory.xyz

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 17704
Date: Wed, 19 Dec 2018 21:02:37 GMT
Expires: Thu, 19 Dec 2019 21:02:37 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 758831
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   17704
Md5:    bf2d0783515b7d75c35bde69e01b3135
Sha1:   0e92462e402c15295366d912a7b8be303d0257d8
Sha256: 054349dda27b80bb105fbc59b5973ef9889ed976aca1fbe39f77688dcff8c552
                                        
GET /cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/hm/Helvetica67-CondensedMedium_gdi.ttf HTTP/1.1
Host: camp.oatmealtheory.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/

                                         
143.204.51.16
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:48 GMT
X-Cache: Error from cloudfront
Via: 1.1 f7b07679ea4f3642f4316819f86992ab.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Lzw2Leu77r6DqaaRUDVVdy0I3qXF4nHNgd-2d7rzwLe7LbYiIiGBiA==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /cbiFXvVGmaxXlNa1jYpBn2ZbblGs/fonts/ht/HelveNueThin_gdi.ttf HTTP/1.1
Host: camp.oatmealtheory.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://camp.oatmealtheory.xyz/cbiFXvVGmaxXlNa1jYpBn2ZbblGs/

                                         
143.204.51.16
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:48 GMT
X-Cache: Error from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: pidadVlodJAWE5QrOUxS_t-Q62lNdOvAkZJdeLLfN6U-raLZdMAw4w==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /favicon.ico HTTP/1.1
Host: camp.oatmealtheory.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
143.204.51.16
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:48 GMT
X-Cache: Error from cloudfront
Via: 1.1 f7b07679ea4f3642f4316819f86992ab.cloudfront.net (CloudFront)
X-Amz-Cf-Id: nj3d4xoU_USS_bVmvQg-pn3aZ_N26g0hDlZ2VIfiHYOFtOfSPkVMAg==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196
                                        
GET /favicon.ico HTTP/1.1
Host: basin.riddleaftermath.host
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
143.204.51.156
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:50 GMT
X-Cache: Error from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a3.cloudfront.net (CloudFront)
X-Amz-Cf-Id: I5S4SGtbMa-9sSX-EiQRfvRSt7FGpijv1w832LeETMiXjD9vXp8wcw==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196
                                        
GET /favicon.ico HTTP/1.1
Host: camp.oatmealtheory.xyz
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
143.204.51.16
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.10.1
Date: Fri, 28 Dec 2018 15:49:50 GMT
X-Cache: Error from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: xUTFc0cLisZx9WSbD5_VDVMaVHDSOHxRbPRipc0zHF7W4EVPaubGzA==


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    07381e0839deff7c3cb3b0d8d467ed56
Sha1:   fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545
Sha256: 68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196