| mediaservingoc.com/click.php?key=glg0el5milh3xjhb2jhu&subid=M7365211198544937058&partner_id=20961&pid=20961-b174e121-3512a107&campaign_id=9626e6&browser=Firefox&device=Mozilla+Firefox&app_name=unknown&geo=NO&carrier=NO+WiFi&pcid=9626e6_20961-b174e121-3512a107&pg=20961-NO | 95.217.42.163 | 302 Found | 0 B |
URL (User Request, GET, HTTP/1.1): mediaservingoc.com/click.php?key=glg0el5milh3xjhb2jhu&subid=M7365211198544937058&partner_id=20961&pid=20961-b174e121-3512a107&campaign_id=9626e6&browser=Firefox&device=Mozilla+Firefox&app_name=unknown&geo=NO&carrier=NO+WiFi&pcid=9626e6_20961-b174e121-3512a107&pg=20961-NO
IP: 95.217.42.163:443
ASN: #24940 Hetzner Online GmbH
Certificate: Issuer: Let's Encrypt; Subject: mediaservingoc.com; Fingerprint: 5F:3A:2A:6B:6A:18:7A:54:45:E7:19:86:E9:B2:FD:20:A2:53:EC:C9; Validity: Sun, 21 Apr 2024 19:41:20 GMT - Sat, 20 Jul 2024 19:41:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=glg0el5milh3xjhb2jhu&subid=M7365211198544937058&partner_id=20961&pid=20961-b174e121-3512a107&campaign_id=9626e6&browser=Firefox&device=Mozilla+Firefox&app_name=unknown&geo=NO&carrier=NO+WiFi&pcid=9626e6_20961-b174e121-3512a107&pg=20961-NO HTTP/1.1
Host: mediaservingoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.26.0
Date: Sat, 04 May 2024 18:21:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=3va3y9; expires=Sun, 05-May-2024 18:21:05 GMT; Max-Age=86400; path=/; secure; SameSite=none
Set-Cookie: uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c; expires=Sun, 05-May-2024 18:21:05 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Strict-Transport-Security: max-age=31536000
|
|
| go.kelpboat.com/favicon.ico | 67.212.184.146 | | 1.2 kB |
URL: go.kelpboat.com/favicon.ico
IP: 67.212.184.146:0
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 91abe01116ab422c598e9c8af72cf4da 0f2815fe8e067d48537ad168225ab4674271fa27 b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /favicon.ico HTTP/1.1
Host: go.kelpboat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
date: Sat, 04 May 2024 18:21:05 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 11 Aug 2023 10:37:02 GMT
etag: "64d60f4e-47e"
expires: Sun, 05 May 2024 18:21:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
accept-ranges: bytes
|
|
| accuvisitor.com/3p/script.js | 51.91.68.47 | 200 OK | 2.0 kB |
URL (GET, HTTP/3): accuvisitor.com/3p/script.js
IP: 51.91.68.47:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
File type: assembler source, ASCII text
Hash: 8e8ad12b42350341e870a648dbfa1363 6a5ce0d03d3d8b244a4671a824131b19cbade987 252b35641180eb6f5ef167a3abf6dcef81b012f3d902cc0f46bb009fcd6451b5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /3p/script.js HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 2029
last-modified: Tue, 06 Feb 2024 10:52:54 GMT
etag: "65c20f86-7ed"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| accuvisitor.com/3p/style.css | 51.91.68.47 | 200 OK | 3.8 kB |
URL (GET, HTTP/3): accuvisitor.com/3p/style.css
IP: 51.91.68.47:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
Hash: 4fab41811a8c6b717a86f86ab4de0105 06a085af05ca6879b83eac1498eead0ceddaadac 8cc56e01ec04772b51e8d8a3f8e0cb740a44a501c992a37b10515001cef94d4c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /3p/style.css HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: text/css
content-length: 3774
last-modified: Fri, 02 Feb 2024 21:21:55 GMT
etag: "65bd5cf3-ebe"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| yidiandian.xyz/ | 188.114.97.1 | | 3.3 kB |
IP: 188.114.97.1:0
File type: HTML document, ASCII text, with no line terminators
Hash: 389b99c6d1c73165ff0cfda3f73c5128 cc9c698c6af96bfe7a7e93ec14cf658849195a86 e8932dc7165e3394a117c17f2a5b57a9f17a2cdfda5af8f544d4f03e49c582a9
GET / HTTP/1.1
Host: yidiandian.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://namefrantic.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:21:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZqzorICjQLUKfQKrzBZ%2BhnFLe5lP%2FRJ5kVy0a7vJo4GcP2WRFA0IbUoQzhflUm701vTRUPLfJ9x9VkC41LOf8mguLERSTn2eHzeuJ0f61SvhugfeoKof1AR3aARYt0DFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea8226587d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accuvisitor.com/3p/images/check.png | 51.91.68.47 | 200 OK | 2.6 kB |
URL (GET, HTTP/3): accuvisitor.com/3p/images/check.png
IP: 51.91.68.47:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
File type: PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash: c0879fd8363b5549b2ed0cec9b042b3b abeba0b0e5727a368e6bc963aecad9da8ec6f341 7879caae870090c87c28a02d608dd25d1988b6887c30f5ea99a3777964d905f5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /3p/images/check.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: image/png
content-length: 2649
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-a59"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| accuvisitor.com/3p/images/arrow.png | 51.91.68.47 | 200 OK | 2.9 kB |
URL (GET, HTTP/3): accuvisitor.com/3p/images/arrow.png
IP: 51.91.68.47:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
File type: PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash: d190208ba37115f53c9a9057a130fcf3 5019f7d77731be18d40c89b746a247af4eb91853 25da48f054c6205c8c98783dcf2ca52813c0448180f5313fd17c95604d2ab901
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /3p/images/arrow.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: image/png
content-length: 2938
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-b7a"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| code.jquery.com/jquery-3.7.1.min.js | 151.101.2.137 | 200 OK | 30 kB |
URL (GET, HTTP/2): code.jquery.com/jquery-3.7.1.min.js
IP: 151.101.2.137:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /jquery-3.7.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-155ed"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 18:21:05 GMT
age: 704661
x-served-by: cache-lga21978-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 5, 129376
x-timer: S1714846866.793150,VS0,VE0
vary: Accept-Encoding
content-length: 30336
X-Firefox-Spdy: h2
|
|
| wurfl.io/wurfl.js | 13.50.181.252 | 200 OK | 1.5 kB |
IP: 13.50.181.252:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Amazon; Subject: wurfl.io; Fingerprint: 84:98:DD:3B:AF:04:6D:BB:FE:28:6C:10:1A:EF:71:B5:3C:48:38:97; Validity: Wed, 23 Aug 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (3512)
Hash: 4e56ee18d87f62dc6297b5d332d1b081 63b4003113f47f2602ac99e828ebf7d615dac68f 2bf5cac174101bde02ebd7664e6dac3f41c3206a3aee299ca2153f4e96d5fd9e
GET /wurfl.js HTTP/1.1
Host: wurfl.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Cache-Control: no-cache
Content-Encoding: br
Content-Type: application/javascript
Cross-Origin-Embedder-Policy: cross-origin
Cross-Origin-Opener-Policy: cross-origin
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 04 May 2024 18:21:05 GMT
Vary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version
Content-Length: 1488
Connection: keep-alive
|
|
| accuvisitor.com/3p/images/bg.png | 51.91.68.47 | 200 OK | 56 kB |
URL (GET, HTTP/3): accuvisitor.com/3p/images/bg.png
IP: 51.91.68.47:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
File type: PNG image data, 3500 x 3500, 4-bit colormap, non-interlaced
Hash: 1d3c98099c0b3e2cda9c3ca2cd6a1a89 2bf1561dcfef7eba77215690758f45a8148718df 45dc96c114f10246160edc4407b8a4b517b1b27a43e56aedea256906c1c567c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /3p/images/bg.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: image/png
content-length: 55530
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-d8ea"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL (GET, HTTP/2): fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accuvisitor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:54 GMT
expires: Fri, 02 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 231432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL (GET, HTTP/2): fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accuvisitor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 31949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL (GET, HTTP/2): fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accuvisitor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 231966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 | 67.212.184.146 | | 5.5 kB |
URL: go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
IP: 67.212.184.146:0
File type: gzip compressed data, from Unix
Hash: a779ae2dd492941fa1c19f42c9102321 fe5872ce92f64ffc0ff5295bc6844ec0f41a7718 7180924cd5fb3928f981fe6f6043c2473b01cbc26b0c87845982112c67be171c
GET /?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 HTTP/1.1
Host: go.kelpboat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yidiandian.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:21:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| get.geojs.io/v1/ip/country.js | 104.26.0.100 | 200 OK | 82 B |
URL (GET, HTTP/2): get.geojs.io/v1/ip/country.js
IP: 104.26.0.100:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: geojs.io; Fingerprint: B4:9E:CC:F3:6D:DD:E3:68:A0:4A:B0:10:ED:5E:C2:60:0E:41:FE:36; Validity: Mon, 11 Mar 2024 03:28:55 GMT - Sun, 09 Jun 2024 03:28:54 GMT
File type: ASCII text, with no line terminators
Hash: 750e773c34cbfd6371bdfdf7b9463161 fdb8e6df2f251b201f4b564c4a321b30217f0e96 0be35419f6d82d9d78f2dcf0439d27832787a265a60759ddc7bb785b37ac3e9f
GET /v1/ip/country.js HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:21:05 GMT
content-type: application/javascript; charset=utf-8
x-request-id: 3079422c081fd7a37978033c38487245-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxaqPXc3fidEpWttl%2BHKHd3IFJT58xHAhZ28BmG6gkuQ9LsBD47qjbFHsl%2B2abRPEBreDOi1Av0gEO5GryQjVITc4Tnjb88W7PYny29luKRG08JL6%2BnwMtuQ6dgCwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87ea822ed96b56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accuvisitor.com/3p/images/logo.png | 51.91.68.47 | 200 OK | 3.2 kB |
URL (GET, HTTP/3): accuvisitor.com/3p/images/logo.png
IP: 51.91.68.47:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
File type: PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash: 15a34b8fc618b2d90712f47874c211cc d1d998d74f30c2b5344de2f9f3f3ef4ac2fe03bb 3be024377b052ad72a32aa5de6eabbddf6fd4168d4579cc865c872d8e57fca36
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /3p/images/logo.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: image/png
content-length: 3210
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-c8a"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
|
|
| accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c | 51.91.68.47 | 200 OK | 3.4 kB |
URL (User Request, GET, HTTP/2): accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
IP: 51.91.68.47:443
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (3592), with no line terminators
Hash: 35305c9a0dd3a637d2505fa498da7a41 e48b3cfc99debeeaa8d72616231a4310d988fd92 a06566751d38764564668a3cd42ea806ffad8899667964c10a3ba05f65f6aeca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: text/html; charset=UTF-8
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap | 142.250.74.106 | 200 OK | 14 kB |
URL (GET, HTTP/2): fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP: 142.250.74.106:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 9c12b57a25710853b762d48b28545b5c 57a79d40792f42232b317bd9529c98efa29fc315 35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 18:21:05 GMT
date: Sat, 04 May 2024 18:21:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accuvisitor.com/favicon.ico | 51.91.68.47 | 404 Not Found | 153 B |
URL (GET, HTTP/3): accuvisitor.com/favicon.ico
IP: 51.91.68.47:443
Requested by: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Certificate: Issuer: Let's Encrypt; Subject: accuvisitor.com; Fingerprint: 61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49; Validity: Tue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 6b0b81c864261cf3a7340fccfaf803ff f20f1f9b60e76821f868af83941dce31641ea54c f0f033de8e5147740811165be4c48fb96fb4bd1c249840ccc22735875fe0f753
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=3va3y9&uclickhash=3va3y9-3va3y9-ir0-0-523y-ik3y-ikbl-c6852c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
server: nginx/1.25.3
date: Sat, 04 May 2024 18:21:05 GMT
content-type: text/html; charset=utf-8
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
|
|