mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
88.99.87.195 301 Moved Permanently 333 B URL HTTP/1.1 mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type HTML document text, exported SGML document, ASCII text
Hash 8801f31f120d41aef48f296d72608b8d
1ef0bec2428a6ad4b9f9eef99efe5793ecfbfd92
2cd57c4a68f9b2d79610a068d0aa1a550016372458a2033ac540c331e38f59da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 15 Sep 2022 16:56:06 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 16:10:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d7UpGWYyDNLJkBe6WMxjdLQ7s3g0nVsebzZVjyzFaJl7zlmYwayEqg==
Age: 2738
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2744
Expires: Thu, 15 Sep 2022 17:41:50 GMT
Date: Thu, 15 Sep 2022 16:56:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5X9N15a5Ne-ACvbZMDS0ZjGsAGN2LUyOooslYkbV0tKfKuUn3v6sAQ==
age: 44451
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 16:56:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 35291e11a35e9ba733b92c8cd585cb95
0dc3568864272fc0a8cc086479446bf4ac40ae0c
e9e92daefbeb12fa6a547c9a0fd9f15a9a7b16a18b56cb4b4292f218269e8356
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 16:56:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 06:12:04 GMT
Expires: Wed, 21 Sep 2022 06:12:03 GMT
Etag: "0dc3568864272fc0a8cc086479446bf4ac40ae0c"
Cache-Control: max-age=479156,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b2e4d089e4b506-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 16:03:22 GMT
Expires: Thu, 15 Sep 2022 16:03:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wPmjfSpb1ezfPXa_rgTKj4QR1quotIKYuIgbsFfCbIwvf4w6-oBIQg==
Age: 3164
mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
88.99.87.195 404 Not Found 7.9 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (3697), with CRLF, LF line terminators
Hash 638c663d9bf7b9f1e3c2366b75b4d4da
ea944fbbb8cf7eb756c6e86db5414cac91adc45c
8ca933637926a40e05322eb67302a33495a9f08dabfd55e11ef3051cd4e3d876
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 15 Sep 2022 16:56:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; path=/
multi-device-switcher=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; expires=Sat, 17-Sep-2022 16:56:06 GMT; Max-Age=172800; path=/
language=de; expires=Fri, 15-Sep-2023 16:56:06 GMT; Max-Age=31536000; path=/
Vary: User-Agent
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2945
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Last-Modified: Thu, 15 Sep 2022 16:07:02 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
mystery-home-shop.com/wp-content/plugins/contact-form-7/includes/css/styles.css
88.99.87.195 200 OK 634 B URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
Hash 61e8277a5af14469cf9aecd720125e6e
7ebab102eee5c904bcf9155f23cd80dec090f83e
c86896669cf4a3f0fcee46df672f70f0cdd9fcb00b5b8dbc4f08254a7c5e798b
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Aug 2017 19:14:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"599f25ad-646"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/menu-image/menu-image.css
88.99.87.195 200 OK 338 B URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/menu-image/menu-image.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 0487cb3f18e485e791a27d6c8126966a
408397186329371ad41a56c351aab50e0b85b428
e80bc7be07fcbe598949e8fcb6be8fd49a2301848f32e7d8e77293697e8da6a8
GET /wp-content/plugins/menu-image/menu-image.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Wed, 02 Aug 2017 12:40:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c834-553"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/wordpress-simple-paypal-shopping-cart/wp_shopping_cart_style.css
88.99.87.195 200 OK 1.0 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/wordpress-simple-paypal-shopping-cart/wp_shopping_cart_style.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 272debd253fde60ccb8bd843dd717ba4
f87c5e9126f4d38219e9b0ede9344770867c22f7
82aef78703e4e44a8aee98fb4c6f5e97a5ebe5022e32b9ac8134623b55355975
GET /wp-content/plugins/wordpress-simple-paypal-shopping-cart/wp_shopping_cart_style.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Thu, 25 Apr 2019 19:04:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5cc204cc-d08"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/wp-multilang/assets/styles/main.min.css
88.99.87.195 200 OK 283 B URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/wp-multilang/assets/styles/main.min.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (896), with no line terminators
Hash fc931b0337425116bb9f09bd92a4051a
df4d7b05284b015390a6e7dbf2eb2cf820b39b0a
19f5cb357e8718035e0fa550245bde525f512d453fa7948ff175d5053846cd00
GET /wp-content/plugins/wp-multilang/assets/styles/main.min.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Sun, 14 Apr 2019 11:08:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5cb314c9-380"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css
88.99.87.195 200 OK 1.7 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7098), with no line terminators
Hash 1e151a6f1c753977ac3bddefe8618b66
4a2b5683aaaff73cc4b75a2defa5bd28dea5fab3
7196987d694c7c521226189254d9db11804e20f2fe8c70eabf1ce8f671f98dc8
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Wed, 02 Aug 2017 12:37:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c7a2-1bba"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/css/main.css
88.99.87.195 200 OK 50 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/css/main.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1116)
Hash ffb35622b91eac15b9020b49b651f686
d32d7d4923357e2a485f2d7845e116fa40beb786
c2ff03c94167d660ef08183fbe7c9a8bc2cfa6d984015fdbc2025fd9a1326662
GET /wp-content/plugins/game-portal/dist/css/main.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Sat, 24 Aug 2019 17:59:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b09-45f4f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/google-captcha/css/gglcptch.css
88.99.87.195 200 OK 399 B URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/google-captcha/css/gglcptch.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
Hash 694645c7d03b6bfb5ffabfd4f31df363
cc6b0943abf6de9e53037df2596fd16c2dc7e526
b64c5d1a9b9e860ac9147b42d7f82f2b8a10015267186c15a00d6b43664dbbdc
GET /wp-content/plugins/google-captcha/css/gglcptch.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Aug 2017 19:15:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"599f25b6-46d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/map-icons.css
88.99.87.195 200 OK 2.8 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/map-icons.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3883)
Hash 68c5243b750e64af1eb7e859a2cfcf44
2084dcfc381abacb1658395af6e352c75b7be1c5
257474410da90e417b3bb5ba0ade311e23e83608b339d03008892488e90a10a5
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/map-icons.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Wed, 02 Aug 2017 12:37:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c7a2-3680"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/css/jquery.fullPage.min.css
88.99.87.195 200 OK 946 B URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/css/jquery.fullPage.min.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2985), with no line terminators
Hash c12a24d64ef4a13bd9e852a90b82fee1
6b5efcf708bacdd68b8a53d5f0ad0298c64c7192
d3cfa14822a372e90f251f2f86a4056a25f888170f18dc29d700379b725c2586
GET /wp-content/themes/idventure/dist/css/jquery.fullPage.min.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jul 2017 09:34:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"595b6112-ba9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/css/animate.min.css
88.99.87.195 200 OK 4.3 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/css/animate.min.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
Hash 5aec9a38fa72dbee931f47ba1be1e99e
5c9a880ee57203bc584b6b3a79468d496743477c
c717c145f3939f1df9c6d71bff9fc765770b65cb323eaab2215f73adc15b120a
GET /wp-content/themes/idventure/dist/css/animate.min.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jul 2017 09:34:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"595b6111-12619"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-admin/load-styles.php?c=1&dir=ltr&load=buttons%2Cdashboard
88.99.87.195 200 OK 6.0 kB URL HTTP/1.1 mystery-home-shop.com/wp-admin/load-styles.php?c=1&dir=ltr&load=buttons%2Cdashboard
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
Hash 216aac3d1eafef16468d25ca9bbb553c
154be77d7ad49766d50a9c6c7f4fd35f65515ee5
03e583ab47022f8eba00fae4bc85455bfc14b0e207950b4e0702d5eda6cb047e
GET /wp-admin/load-styles.php?c=1&dir=ltr&load=buttons%2Cdashboard HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 5994
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 4.8.20
Expires: Fri, 15 Sep 2023 16:56:07 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Content-Encoding: deflate
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
mystery-home-shop.com/wp-includes/js/thickbox/thickbox.css
88.99.87.195 200 OK 932 B URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/thickbox/thickbox.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
Hash c8743d959cc096fd85fb3b8e07282871
404b50c998e27e07b305f5cf4be673c5d3c5fecf
0e21580de4fd5b4885969a5fd807c53102a8ce99b0e8490e42c42749a23fd684
GET /wp-includes/js/thickbox/thickbox.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Tue, 06 Dec 2016 07:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"58466ba7-a5f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/css/style.css
88.99.87.195 200 OK 23 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/css/style.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash b3604bd6049b2f8228439c61b3ebae8d
cff78f7ff08b738e33646e1a24329492ef48ee4a
c72c4e0ba34ecbb3d967ef921c21027dd9f5d89b3d448fc1af030ea942f59091
GET /wp-content/themes/idventure/dist/css/style.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Tue, 04 Jul 2017 09:34:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"595b6111-1d732"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/super-socializer/css/front.css
88.99.87.195 200 OK 9.6 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/super-socializer/css/front.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (40066), with no line terminators
Hash a9f1f01b62f9ae3e6c9bf13ce692d84b
2e6cc1e4abe0c3aec6eff2b5e840a849b9f0fea5
0efc88e8096e16eb34dd726d0f8516879590d9bba99a668dbd5535f9ee78e40e
GET /wp-content/plugins/super-socializer/css/front.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Wed, 02 Aug 2017 12:38:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c7d2-9c82"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/css/dashicons.min.css
88.99.87.195 200 OK 29 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/css/dashicons.min.css
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (46364), with no line terminators
Hash 3467c26840be320d33334020e6388ac5
347b53ada8604c92bd60f650618b772cb02c3acd
b90b20c90f895709564c1dcd22fc11a9520ed3f874286d38546003c15ac304bf
GET /wp-includes/css/dashicons.min.css HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: text/css
Last-Modified: Tue, 06 Dec 2016 07:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"58466ba7-b51c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/jquery/jquery-migrate.min.js
88.99.87.195 200 OK 4.0 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Tue, 06 Dec 2016 07:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"58466ba7-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/google-analytics-dashboard-for-wp/front/js/tracking-analytics-events.js
88.99.87.195 200 OK 849 B URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/google-analytics-dashboard-for-wp/front/js/tracking-analytics-events.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4441), with no line terminators
Hash 12f770934518ff65f28647bf064ade9c
1678fad3bbba752c03efda87b9543681f462db01
7ac4883a5cf462a79ddd1500477cb6c85e94c2332599e5e9c16d94e7a1715043
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-dashboard-for-wp/front/js/tracking-analytics-events.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 03 Jul 2017 06:09:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5959df95-1159"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/jquery/jquery.js
88.99.87.195 200 OK 34 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/jquery.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31997)
Hash 258ac3c10e5d635e9f8fd967eb6b0bb5
fa9e545ac540893acbd346087c03eabdd45bdf67
eb0a68c6aac064f758926da5dd81e6aa9395b9568860ebcad109ee8e30a13daf
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Sep 2019 12:36:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d71013d-17a6a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/update-alt-attribute/js/altimage.js
88.99.87.195 200 OK 379 B URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/update-alt-attribute/js/altimage.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d26a688cfab201fdbc98519c73991141
e017d1b4b19bfa1b3d43a4fbc2c832bb9fb8415d
1193be4245ccdc138b0dfcb3caa9f05cc2f33fa9405a73900411efc382c4cd30
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/update-alt-attribute/js/altimage.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Tue, 06 Dec 2016 07:40:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"58466b89-45a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
88.99.87.195 200 OK 313 B URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash cee9180576a6431ffd1b3c86fbe7dcc0
a7d5b7d1c48cf255a8ddc53e7475ad24f323cb27
fbf8bcdcfe2ac93ab9948b0d52c2f7bb0a3b0dc7bc6ba6476b820b2f097b4bed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Tue, 12 Sep 2017 08:38:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"59b79d21-30e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
88.99.87.195 200 OK 3.9 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
Hash 51e7aaaec02e3a0f5a2820c4b0473b08
f48b4f6a7ef78d2f4db089c61fbe950fa97a9fbd
b74fbc0f4bba00957c98613cd61e4c4a0d28ae1a6819906a8ebacd8b4f20ccd6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Aug 2017 19:14:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"599f25ad-3654"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/jquery/ui/core.min.js
88.99.87.195 200 OK 1.8 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/ui/core.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3704)
Hash 8681c8c59fe450daeacc2f499e351dfe
1bedefb4c8fa62628816eaeea85677d637a6e4e0
d2160a6f66510d16512fd1fd387aee7d3763f0b4799273125faa777128dc5430
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 12:18:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"60782f06-f59"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/jquery/ui/widget.min.js
88.99.87.195 200 OK 2.5 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/ui/widget.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6608)
Hash 03bb0bdfbb56c3d9a15e4bb07249e122
699602efb3e738fc948b6cd0b7997fb1f0e0b04c
caae641e94775166f710131d065043ecd36f46aed0aef537ef73c5b83cdd7447
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/widget.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 12:18:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"60782f06-1ab0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/jquery/ui/mouse.min.js
88.99.87.195 200 OK 991 B URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/ui/mouse.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2927)
Hash 0a9656f23585bbaa3376e904fa025a7f
37b57e7fa8a0ab85bc257573847acc1b4fa94dcc
4c9c329df2e0b3306dd4838ce24ae58eb441bcf4c6067899a97323c8d688c59d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 12:18:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"60782f06-c46"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/jquery/ui/draggable.min.js
88.99.87.195 200 OK 4.9 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/ui/draggable.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (18586)
Hash a0ef95ea40371fa0bab9032f3ab9d800
863583a098c4fb24754002a3eeb75699af877ddf
d467e3de4ebe8d5f27102223ecaf3839888625db5f04533ace7c1c841417fb06
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/draggable.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 12:18:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"60782f06-4979"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
push.services.mozilla.com/
35.80.131.74 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.131.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QpTWFRYSeQR4AyZ2h8DMOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zNOYjrAD417cegdCJ8k2bKadx/o=
mystery-home-shop.com/wp-includes/js/jquery/ui/sortable.min.js
88.99.87.195 200 OK 6.4 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/ui/sortable.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (24613)
Hash 3a108e10f39b0a5747960a0acc38ce46
ad3accfd8027fe1d385d692a093ffedbf74ca329
ad0dd2de6be1719843c087dace21faa45519528d2debd52a01ceb70a37f528ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/sortable.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 12:18:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"60782f06-6102"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/jquery/ui/datepicker.min.js
88.99.87.195 200 OK 11 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/jquery/ui/datepicker.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (35951)
Hash 517e6ae834eed42db334c8c89bc1fb9f
88c37423642852779db9e02e1eb7590324212403
ffcb9d6c9a196127b46a4f801f4a587e8a643950328e8766dd1ce7014496500c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/datepicker.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 12:18:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"60782f06-8d50"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/underscore.min.js
88.99.87.195 200 OK 5.8 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/underscore.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (16194)
Hash 12f3f314da1e8d0a8e4dcb70f3ee11f7
1e42e12a6bba1d4dbf51817204f278da3a2a1e29
13353fc8d39c8f2f64b4226b2d18c72538b622ce0471fe4f613347dbb670d307
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Tue, 06 Dec 2016 07:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"58466ba7-401a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/owl-carousel/owl-carousel.min.js
88.99.87.195 200 OK 10 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/owl-carousel/owl-carousel.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32068), with CRLF line terminators
Hash 881fbeed30805bca9b8e45e534481e8b
150af3b77c576d40849cdeb62ec6610bba9017b8
d03273e46b031742e7e6ecd1784cb0c7ab7ecda5ba65694e9049d6029e23ac94
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/vendor/owl-carousel/owl-carousel.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b2d-9dd2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/blueimp-gallery/blueimp-gallery.min.js
88.99.87.195 200 OK 8.6 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/blueimp-gallery/blueimp-gallery.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32010), with CRLF line terminators
Hash fe5bc3de320492944a6863260bb16f75
66c78167f50b0278fe3ee95db12d8feb6c0bf34b
4e560917c7c259afd6ad9abd2e307db5546487ff1a6ba935967962a43b98e7a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/vendor/blueimp-gallery/blueimp-gallery.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b26-804c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/bootstrap/bootstrap.min.js
88.99.87.195 200 OK 9.8 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/bootstrap/bootstrap.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32033), with CRLF line terminators
Hash 1d11f3ad76497c0e117f3aebbffb21a7
b42d790a95ea42016ca8d310c8d572ba7214a3c2
6f5e50adeec55152304efb1824f3ea6cae6ea921117d5ab6d404c0890d992ad0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/vendor/bootstrap/bootstrap.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b27-90bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/jquery-print/jQuery.print.min.js
88.99.87.195 200 OK 1.2 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/jquery-print/jQuery.print.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2723), with no line terminators
Hash 9a6ac83d1f354a76c6ba7a09ee96510f
0d2ae0383cb197f1a5d77566f1b30736ae3aaa23
1ffaf0504d24f70965996ec0dd9b1c49d6252bf9a066a84aa68643b8aa79298c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/vendor/jquery-print/jQuery.print.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b2a-aa3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/download/download.min.js
88.99.87.195 200 OK 1.3 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/download/download.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2445), with CRLF line terminators
Hash 5a396fcaeea60fc64ef6a3c552ee409c
cc9d60e94e5d4f73477430c3532598d4a3096ec0
fd5a9ded4866c71d2e53b3273f87bfbb553d435be3b99931fe57c3c6772f033e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/vendor/download/download.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b28-9f5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/orgchart/jquery.orgchart.js
88.99.87.195 200 OK 12 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/orgchart/jquery.orgchart.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
Hash 258a6b9f6e0adcace95f029405261e8d
4cb5b7bb6e8e31368eda8541ad8e53c1a1cb1dcb
3b27613567fb5affb457589a945077f9c88b3f10bfb824c788a149fbf649891b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/vendor/orgchart/jquery.orgchart.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b2c-ed52"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/stupidtable/stupidtable.min.js
88.99.87.195 200 OK 1.3 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/vendor/stupidtable/stupidtable.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (548)
Hash 2b81f9170826773e1f57d6c683e782a4
93ce5a401a0fc8918f78dac7b136171c91e11948
8a17db15e24e7499015d448fcb3eb2ba7e041f15ac858623773a5d5ea25e1544
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/vendor/stupidtable/stupidtable.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b2f-d63"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/scripts.js
88.99.87.195 200 OK 37 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/game-portal/dist/js/scripts.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with CRLF, CR, LF line terminators
Hash b46f1f148f15525a271e90e6849b9d60
2514ef561dd52d084487eba3967a7979a7bfe172
5c2e4e13ac8414abf0cb253fead6976bfbb4dc633182da40cc2efe904098f4be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/game-portal/dist/js/scripts.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Sat, 24 Aug 2019 18:00:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5d617b22-282c2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/js/jquery.pjax.min.js
88.99.87.195 200 OK 3.6 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/js/jquery.pjax.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (8612), with CRLF line terminators
Hash ee61d221f2646950ae8be37be7d3b81a
daaff2667cf44aaae624466370b8ce76546f29cc
84db3a1171bb962b7fda7c969c9a65ce19fe3cdea06376a0cc45ac5a044e7311
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/idventure/dist/js/jquery.pjax.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Jun 2017 10:10:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5954d1fc-2220"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/js/jquery.fullPage.min.js
88.99.87.195 200 OK 8.0 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/js/jquery.fullPage.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (555), with CRLF line terminators
Hash da99d7d8c5755cffb3148828f1f9099d
ea7efc98acf933f9430e9a6bc8ede7dec03bfd18
4aec4f62db91eb0fd1be310d96c62b13ba550a98ecd1eb0e32c202b7c81a11b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/idventure/dist/js/jquery.fullPage.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Jun 2017 10:10:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5954d1fb-61d4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/js/jquery.browser.min.js
88.99.87.195 200 OK 1.0 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/js/jquery.browser.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2139), with CRLF line terminators
Hash 5e7e6bccf3bb692e4f2eedc0c45d2919
89d7d4ee6f0e2f1fdf6187c567c4cfb71d7e2185
e1349bd3c2877e403fe60bbe7c4f1896dfb71fef16efc0efcbfa65af29c68dc2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/idventure/dist/js/jquery.browser.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Jun 2017 10:10:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5954d1fb-9ce"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/js/readmore.min.js
88.99.87.195 200 OK 1.8 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/js/readmore.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash 8197d9d220231bc2a9761448d688fb96
43cccdb94b63369fe59128e087e044c600e39664
ff7969529b1f846260ca77b63f32365944a3275bee7381e2290834c09c1b34c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/idventure/dist/js/readmore.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Jun 2017 10:10:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5954d1fe-14ff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/themes/idventure/dist/js/scripts.js
88.99.87.195 200 OK 5.7 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/js/scripts.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (19899), with no line terminators
Hash 8feac2610b1eda0feed5be941f712023
237766dca0b919524c38d643ca4c48e2f659ee96
22cef23d567f5d98d6bca0c01ac9905357c660894bcd7ac5be23937f741e46dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/idventure/dist/js/scripts.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Jun 2017 11:30:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5954e4d1-4dbb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-includes/js/thickbox/thickbox.js
88.99.87.195 200 OK 4.0 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/thickbox/thickbox.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (597)
Hash 50eb34a68215b9e29a766076c6ff8e07
1c2da7a85b258859481076fe88e6bc807bd00083
ca928d42668b8e53b81b8eb7a93679af3cca6d778aafc4030d106abc6216cdd9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/thickbox/thickbox.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Tue, 06 Dec 2016 07:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"58466ba7-336b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/super-socializer/js/front/combined.js
88.99.87.195 200 OK 17 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/super-socializer/js/front/combined.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (10374), with CRLF line terminators
Hash 106817e6bb0a88184c1ae765742dd99f
3a8b01b8744803e04486e043e8b4c8aa264e5bce
674737ca8eba01c71a348a25990ec773510291481d1644723885028d248759d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-socializer/js/front/combined.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Aug 2017 12:38:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c7d2-101b3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/plugins//gmb-infobubble.min.js
88.99.87.195 200 OK 5.2 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/plugins//gmb-infobubble.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (24526), with no line terminators
Hash 3cf0e7eae1099d5e7f9b49f37d0443bc
bf8eabaaba71d74f43f26ef81739c2d8341ad9ef
dfdb1a596a97ddd135de04600ac842e4ae5ac1df8309064cd40b4871a65f570d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/plugins//gmb-infobubble.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Aug 2017 12:37:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c7a2-5fce"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mystery-home-shop.com/wp-includes/js/wp-embed.min.js
88.99.87.195 200 OK 735 B URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/wp-embed.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1386), with no line terminators
Hash d2b60c1231015fbb2cfb0680a4fdfc87
2964b5bc32aad38d53ba3063503711c5cb6006ed
a83053c9a437c08c7d62ae9b07cf680d43a3ad129de64633eee91a860fab7844
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 12:18:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"60782f06-56a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/frontend/google-maps-builder.min.js
88.99.87.195 200 OK 3.2 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/frontend/google-maps-builder.min.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (10176), with no line terminators
Hash 8f472bf266d51e21b63b8b01507361a9
9ad7fa0b6a4d58510f8d515abd5abd6d5d9970e7
8d54bbd379ece86b4f21fca65040828af5e9964da15e7fb14ce8cc02c8a8338f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/frontend/google-maps-builder.min.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Aug 2017 12:37:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c7a2-27c0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/map-icons.js
88.99.87.195 200 OK 2.1 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/map-icons.js
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (976)
Hash c0aed79d9c261bbeb9a3a6089eee73b9
27d15c33148b66343ab8bb5555b4581d225645ef
6d5b098d30fa9520966fc1fe741f1784c552d03c21610c0b8dc6eec46900d4be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/map-icons.js HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Aug 2017 12:37:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5981c7a2-1241"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyAI8-biqC0dmO9tlrE-8qMXxaqoj2rpJgc
142.250.74.74 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyAI8-biqC0dmO9tlrE-8qMXxaqoj2rpJgc
IP 142.250.74.74:0
File type ASCII text, with very long lines (2459)
Hash 01b69c0c0ef10b562fb98b4d65333cf6
2ec6c37252f5034c807c8444c4ea1d7b9b0d6fbc
79397ea463f2c0ee4606e8258838a9462ac04a1dc6851edaef4cf7cdb3cb7bd1
GET /maps/api/js?v=3.exp&libraries=places&key=AIzaSyAI8-biqC0dmO9tlrE-8qMXxaqoj2rpJgc HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 15 Sep 2022 16:56:07 GMT
expires: Thu, 15 Sep 2022 17:26:07 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56245
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mystery-home-shop.com/wp-content/uploads/2017/08/playstore.png
88.99.87.195 200 OK 5.3 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/uploads/2017/08/playstore.png
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 181 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash e592c422d860151d893b3cd0d747cd22
2919f2d082682671fa30dc54a5e80a73481a0fb3
6986d38451f02fe224766baa2c5abf2bae2cf2da7dea02cd82f0ccae2d33e106
GET /wp-content/uploads/2017/08/playstore.png HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: image/png
Content-Length: 5294
Last-Modified: Wed, 02 Aug 2017 12:42:03 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5981c89b-14ae"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
mystery-home-shop.com/wp-content/uploads/2016/12/cropped-logo.png
88.99.87.195 200 OK 7.7 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/uploads/2016/12/cropped-logo.png
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 146 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash d0692486ac0cb361f4e8594baa095338
09fe242aba694f28273b23698e8ca2c740664ec3
c6fb0e94e1ad6a9ca55d33131265e7c038a5438a3bb6c23ca6e59739d94f54ab
GET /wp-content/uploads/2016/12/cropped-logo.png HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: image/png
Content-Length: 7668
Last-Modified: Fri, 09 Dec 2016 11:52:27 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "584a9afb-1df4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
mystery-home-shop.com/wp-content/themes/idventure/dist/images/article_bg_pattern.jpg
88.99.87.195 200 OK 17 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/images/article_bg_pattern.jpg
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 417x409, components 3\012- data
Hash 1038a208b891278647e4fa5593654ade
474ac14bc64b7e71bcbbb9ac9a823164023c299a
ef4dcd4f05def0587d367c7d5082031ab72f7cfce39bc2a13ee630e9e40ebb11
GET /wp-content/themes/idventure/dist/images/article_bg_pattern.jpg HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/themes/idventure/dist/css/style.css
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: image/jpeg
Content-Length: 16812
Last-Modified: Fri, 16 Jun 2017 08:54:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "59439cc6-41ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
mystery-home-shop.com/wp-content/themes/idventure/dist/images/menu_icons.png
88.99.87.195 200 OK 27 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/images/menu_icons.png
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 483 x 326, 8-bit colormap, non-interlaced\012- data
Hash f005163082c2d914592b9f1460708890
4f47d750b991ec477be7e4290ed6242925e8ba4d
16e805eddd4ff89aab5749e7c4f7acc5a610f9869b4b522bd18d24511922ff27
GET /wp-content/themes/idventure/dist/images/menu_icons.png HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/themes/idventure/dist/css/style.css
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: image/png
Content-Length: 26655
Last-Modified: Fri, 16 Jun 2017 08:55:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "59439ce6-681f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2
142.250.74.163 200 OK 8.1 kB URL HTTP/2 fonts.gstatic.com/s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8116, version 1.0\012- data
Hash 909b40322aa2cd7a2aea613953eae0b1
84e061807b392a887239d91f34a26dd77fc30487
f18d57747180068b241552c0f59bcc16dee612baca3fdc9b9e6ba3cfb94c7b33
GET /s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mystery-home-shop.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 15:43:51 GMT
expires: Sat, 09 Sep 2023 15:43:51 GMT
cache-control: public, max-age=31536000
age: 522736
last-modified: Mon, 11 Jul 2022 20:37:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mystery-home-shop.com/wp-content/themes/idventure/dist/images/background-map.jpg
88.99.87.195 200 OK 276 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/themes/idventure/dist/images/background-map.jpg
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1259, components 3\012- data
Size 276 kB (275840 bytes)
Hash f5e0aa94825488f4bcb1588887112868
eb90da649b9e74ede835af525386ba31fccced40
290ae8772034dae110f37a30ab2afd7fdc1765aa8481d8910816ea6e08750e1b
GET /wp-content/themes/idventure/dist/images/background-map.jpg HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/themes/idventure/dist/css/style.css
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: image/jpeg
Content-Length: 275840
Last-Modified: Fri, 16 Jun 2017 08:54:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "59439cc6-43580"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mystery-home-shop.com/wp-content/uploads/2017/02/cropped-logo-mistery-1.png
88.99.87.195 200 OK 2.3 kB URL HTTP/1.1 mystery-home-shop.com/wp-content/uploads/2017/02/cropped-logo-mistery-1.png
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c4b995427d952bb0991929128acea2f3
bd43921b0bbd43eece4a8b35ca6e5a828ff190e4
6c411226a2d45cdc8c0d8741f376c9c2685bccf560507e71f8bc7529b82a7be2
GET /wp-content/uploads/2017/02/cropped-logo-mistery-1.png HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: image/png
Content-Length: 2289
Last-Modified: Mon, 13 Feb 2017 12:50:49 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "58a1aba9-8f1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
mystery-home-shop.com/wp-includes/js/thickbox/loadingAnimation.gif
88.99.87.195 200 OK 15 kB URL HTTP/1.1 mystery-home-shop.com/wp-includes/js/thickbox/loadingAnimation.gif
IP 88.99.87.195:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 416 x 26\012- data
Hash ce2268030dd2151b63cdf4ffc2f626ba
15280f21eb43f5fa7838dcf011f67d79e301b15f
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
GET /wp-includes/js/thickbox/loadingAnimation.gif HTTP/1.1
Host: mystery-home-shop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/wp-content/uploads/2022/07/patched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
Cookie: PHPSESSID=8418iecafhjm25msmcpeub2lh3; wp_game_portal_session_6a5855062bdfdae5a0601295986331ab=114eafbd8f2f8b1ea69ce36de30700dd%7C%7C1663433766%7C%7C1663430166%7C%7C6d0535399f2ea5dcafa1562d31fdcae9; language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 16:56:07 GMT
Content-Type: image/gif
Content-Length: 15238
Last-Modified: Tue, 06 Dec 2016 07:41:27 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "58466ba7-3b86"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,latin-ext,cyrillic
142.250.74.10 200 OK 952 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,latin-ext,cyrillic
IP 142.250.74.10:0
Hash f958750f2009de0e2a73b0045bc22156
2bbc79092ad07aaf98ad7c6c8c08896e48830757
b7c21263e9e63e63483f466b2ed50e91500f0f20e5d2b3578640c972bec6850d
GET /css?family=PT+Sans:400,700&subset=latin,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 16:56:07 GMT
date: Thu, 15 Sep 2022 16:56:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 130
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Last-Modified: Thu, 15 Sep 2022 16:53:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash b35e728044acc1d13d0b34cf326dcf81
84bc9914e240b61083958e6c910eb0398352c758
772df41938e3662e623dac94f0d996809e4e6183778b07d85520dc80cbbe385e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 15 Sep 2022 16:41:12 GMT
expires: Thu, 15 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 895
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/ru_RU/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ru_RU/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 586b1b4e1f5bcef878670e8b642c6ba3
11e796e510eae723cd9747a7f7212e2e6a1bb64f
5369312297a9075e569ad3756786f0f87cbf24ceae82cceb20edf47ebb495e8f
GET /ru_RU/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: babe348b2330d6710ba0f005020197e0
etag: "3d2ccf92f4c0f334197945c414a5c86e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 15 Sep 2022 17:06:51 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: WGsbTh9bzvh4Zw6LZCxrow==
x-fb-debug: /Ncwf0BDxjdl6dtwDXWekx4eYX3x1ToOXqEEO1t0rfyTHoEFRKa++EAoI3gF8Zgyae4QXrx3WJjTLbjwPabQ2Q==
content-length: 1686
x-fb-trip-id: 1904183273
date: Thu, 15 Sep 2022 16:56:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/js/client:platform.js?onload=theChampGoogleOnLoad
142.250.74.174 200 OK 20 kB URL HTTP/2 apis.google.com/js/client:platform.js?onload=theChampGoogleOnLoad
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 761a92363564e1fe082cfaeb9e441f55
02f3cc5942fe958c4a5052a0e2806e7bb5f41f26
5bee798e3f2977f28d01343d354c95ad4ab52e225f0e68dc1d760a51e029c3b1
GET /js/client:platform.js?onload=theChampGoogleOnLoad HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20375
date: Thu, 15 Sep 2022 16:56:07 GMT
expires: Thu, 15 Sep 2022 16:56:07 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "cbfa4a69a24b1474"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j96&a=504461254&t=pageview&_s=1&dl=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Mystery%20Home%20Shop&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IGBAgEAB~&jid=1525865991&gjid=607073083&cid=1531499699.1663260953&tid=UA-92544874-1&_gid=1725293040.1663260953&z=2096618227
142.250.74.174 200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&a=504461254&t=pageview&_s=1&dl=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Mystery%20Home%20Shop&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IGBAgEAB~&jid=1525865991&gjid=607073083&cid=1531499699.1663260953&tid=UA-92544874-1&_gid=1725293040.1663260953&z=2096618227
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j96&a=504461254&t=pageview&_s=1&dl=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Mystery%20Home%20Shop&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IGBAgEAB~&jid=1525865991&gjid=607073083&cid=1531499699.1663260953&tid=UA-92544874-1&_gid=1725293040.1663260953&z=2096618227 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 15 Sep 2022 07:14:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 34926
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 130
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Last-Modified: Thu, 15 Sep 2022 16:53:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 56b4a90e8be043082aa30d490fe93e47
6c94d4b9610ec757d7e7851ac2e478edff1309f8
c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 6971ad04397ebe0a117d03ae5c1de8c5
5179eab2d14b4c8c52c00fd6bf2953fb98ad5b8f
97a64e5b9bf5e3e347b23e4bbf41aa0fe6ffd379d50b379770f5c7347e6bb248
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174 200 OK 107 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Size 107 kB (107108 bytes)
Hash 714614ee541d28091141a264371b7124
f6dcce98cfb0e7f8e1e405ccaea9eb61e0e94bac
170de65b4b02c61abec74f7b09afa97752aa9f4dfbf52d5007c8e2c55194c2f8
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 107108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 00:13:07 GMT
expires: Thu, 14 Sep 2023 00:13:07 GMT
cache-control: public, max-age=31536000
age: 146580
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/ru_RU/sdk.js?hash=cf716e6289a32fe8310e8da3449a3f99
31.13.72.12 200 OK 89 kB URL HTTP/2 connect.facebook.net/ru_RU/sdk.js?hash=cf716e6289a32fe8310e8da3449a3f99
IP 31.13.72.12:0
File type ASCII text, with very long lines (18570)
Hash 52586ef8a4938cb55b3b965ea55ef40a
2258fad87e471d3b2bdc4f36f1715a1c4137a253
898c4dd78eee273bc775db6fdc98829fef93abc4f57edc51e4f0419f70d95cef
GET /ru_RU/sdk.js?hash=cf716e6289a32fe8310e8da3449a3f99 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mystery-home-shop.com
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 44277e1e630f0692556c90acaefd8b2f
etag: "b4fb68dd6c5b9ac00c1fb315190b209c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 15 Sep 2023 14:10:34 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Ulhu+KSTjLVbO5ZepV70Cg==
x-fb-debug: cBgkxGfUixcMtI27yZSM/RePeFtw7QmpufUDttSnz/NzjT5n4026o2uzq0acl1JtY38xdDTdwgSOOACG/oQJuA==
content-length: 88704
x-fb-trip-id: 1904183273
date: Thu, 15 Sep 2022 16:56:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
assets.pinterest.com/js/pinit_main.js
23.38.200.197 200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 18679
cache-control: max-age=198
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-92544874-1&cid=1531499699.1663260953&jid=1525865991&gjid=607073083&_gid=1725293040.1663260953&_u=IGBAgEABAAAAAE~&z=1336494565
142.251.1.157 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-92544874-1&cid=1531499699.1663260953&jid=1525865991&gjid=607073083&_gid=1725293040.1663260953&_u=IGBAgEABAAAAAE~&z=1336494565
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-92544874-1&cid=1531499699.1663260953&jid=1525865991&gjid=607073083&_gid=1725293040.1663260953&_u=IGBAgEABAAAAAE~&z=1336494565 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mystery-home-shop.com
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://mystery-home-shop.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Sep 2022 16:56:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:56:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/x/oauth/status?client_id=208866439562336&input_token&origin=1&redirect_uri=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf&sdk=joey&wants_cookie_data=true
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=208866439562336&input_token&origin=1&redirect_uri=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf&sdk=joey&wants_cookie_data=true
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=208866439562336&input_token&origin=1&redirect_uri=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mystery-home-shop.com/
Origin: https://mystery-home-shop.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://mystery-home-shop.com
fb-s: unknown
x-fb-rlafr: 0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: 6grzpssrCtDW8uCOU/A9Yxw5pOsxbpLb/PlxwMMxG8Pz5pvd5WDQq9k/Xj+ew4SipvuUam1MvEcjl+veE9VsUA==
content-length: 0
date: Thu, 15 Sep 2022 16:56:08 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14625
Expires: Thu, 15 Sep 2022 20:59:53 GMT
Date: Thu, 15 Sep 2022 16:56:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 74071
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 68963
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 65969
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MYJf90B8rX8_nPUl4stpbZcQeQDaZ2Hgyu6GmsfdqUh-0Nx5OJJThw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:54 GMT
age: 74054
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 66617
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 69063
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
log.pinterest.com/?type=pidget&guid=Qz6oYkFdzid1&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
151.101.84.84 200 OK 0 B URL HTTP/2 log.pinterest.com/?type=pidget&guid=Qz6oYkFdzid1&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf
IP 151.101.84.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=pidget&guid=Qz6oYkFdzid1&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fmystery-home-shop.com%2Fwp-content%2Fuploads%2F2022%2F07%2Fpatched_malwarebytes_antimalware_premium_2211043_precracked_link.pdf HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 2
server: envoy
x-pinterest-rid: 7293587675724105
accept-ranges: bytes
date: Thu, 15 Sep 2022 16:56:09 GMT
via: 1.1 varnish
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663260969.119165,VS0,VE102
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a05eafb022d09a0c88432fe018f2c325
b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94
91b3994632d954d1c93ee53a46d2d8850ebe387af40962aad787d341b742e9f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: 23ab295a-91a0-4a91-ba26-8302088a50c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNxvmEPIIAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bc996-10ccfaf45b93ef066901573d;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 23:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j_TffmLpWMBRCuHyrY6e6DuD3g8nOMX296pqnkra4KHsAwSkXj-3_w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:00:43 GMT
age: 68132
etag: "b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 16:56:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 8707721
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b2e4d42972b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cuprum:400&subset=latin,latin-ext,cyrillic
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Cuprum:400&subset=latin,latin-ext,cyrillic
IP 142.250.74.10:0
GET /css?family=Cuprum:400&subset=latin,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 16:56:07 GMT
date: Thu, 15 Sep 2022 16:56:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Indie+Flower
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Indie+Flower
IP 142.250.74.10:0
GET /css?family=Indie+Flower HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 16:56:07 GMT
date: Thu, 15 Sep 2022 16:56:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apps.facebook.com/favicon.ico
31.13.72.8 200 OK 0 B URL HTTP/2 apps.facebook.com/favicon.ico
IP 31.13.72.8:0
GET /favicon.ico HTTP/1.1
Host: apps.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mystery-home-shop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: image/png
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
x-fb-debug: xlT1GnCyv+V5m+FTs9lpCEPOkEvif13mwUkd/7teKRg0Zl43amS3vwByI8llwPF0z+utFq/m5SPuIHCNlvDVIA==
date: Thu, 15 Sep 2022 16:56:07 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2