r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7264
Expires: Wed, 30 Nov 2022 23:50:20 GMT
Date: Wed, 30 Nov 2022 21:49:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5899
Expires: Wed, 30 Nov 2022 23:27:35 GMT
Date: Wed, 30 Nov 2022 21:49:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3453
Cache-Control: max-age=135576
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:16 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:28:52 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.muddymoose.com/
209.17.116.160 301 Moved Permanently 175 B IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.1
Date: Wed, 30 Nov 2022 21:49:16 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://www.muddymoose.com/
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Z1TXZxYlGTttHa9Ae22jEzpIj5YUl67WY8b9Xm21OgN+saEDhoAEx3cU1/+GO9ExX/dicSD+gsRYFhlexR/GfQ==
x-amz-request-id: 6HHABGRM5V50FCAK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 21:45:23 GMT
age: 233
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 21:19:44 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1772
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 21:08:56 GMT
cache-control: public,max-age=3600
age: 2420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.netsolssl.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 5bb54532af80964c4a12c1f5f924ccd7
47c74a1473e7c2a86802f4c7fce8fd54a83a5486
b078aded5d04f283748eaf963bfba797783a1e4ea3300d21424c5082562c06b2
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 03:47:53 GMT
Expires: Tue, 06 Dec 2022 03:47:52 GMT
Etag: "47c74a1473e7c2a86802f4c7fce8fd54a83a5486"
Cache-Control: max-age=452915,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726cac2ed82b4e8-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3440
Cache-Control: max-age=130495
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:16 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:04:11 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.69.31 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5eJwemnsLF0h/4klP07WIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BHK7tvwdrKDXAwu5roDVZvwFW5U=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 86187
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 84746
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 85704
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 85973
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 85232
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:55:46 GMT
age: 60812
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.muddymoose.com/
209.17.116.160 301 Moved Permanently 0 B IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:19 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://muddymoose.com/
x-powered-by: PHP/7.0.33
x-pingback: https://muddymoose.com/xmlrpc.php
x-redirect-by: WordPress
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
X-Firefox-Spdy: h2
muddymoose.com/wp-content/plugins/bb-plugin/css/yui3.css?ver=2.4.2.4
209.17.116.160 200 OK 458 B URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/css/yui3.css?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (320)
Hash 03239bd8d53fe79e8bd42196c0bff2b2
e4342c2e287451b0282d5104d8aa5eeebfa34f37
75eaf8646506bf8fd202570dfc8bdc48fa2b35c526135e66c7a2dd15c8aa1fc0
GET /wp-content/plugins/bb-plugin/css/yui3.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
content-length: 458
last-modified: Fri, 02 Jul 2021 01:47:40 GMT
etag: "1ca-5c61a24133fc8"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4
209.17.116.160 200 OK 731 B URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (479)
Hash 97669983f6540f2badeef6ab07e5b637
b6f0084f6747da64cf24334b2c0027e57cbf7f23
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
content-length: 731
last-modified: Fri, 02 Jul 2021 01:47:48 GMT
etag: "2db-5c61a24982749"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ed999db91146cdfd9ac1d178ffd7b6ab
f4be7104633c84b1e170f20426671e0c9d649bbb
3ce4d863b27cdec31929e8fe8935c1f8fd15f6b1e8cb1a26d14d87360c0fe9e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CE4D863B27CDEC31929E8FE8935C1F8FD15F6B1E8CB1A26D14D87360C0FE9E5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6254
Expires: Wed, 30 Nov 2022 23:33:37 GMT
Date: Wed, 30 Nov 2022 21:49:23 GMT
Connection: keep-alive
www.acint.net/aci.js
193.3.184.137 200 OK 7.5 kB IP 193.3.184.137:0
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Thu, 01 Dec 2022 09:49:23 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/2020/04/tripadvisor-logo-6939149F8F-seeklogo.com_.png
209.17.116.160 200 OK 10 kB URL HTTP/2 muddymoose.com/wp-content/uploads/2020/04/tripadvisor-logo-6939149F8F-seeklogo.com_.png
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type PNG image data, 300 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash 67d280936024173b79dbc7fd1f7c36ea
c529a76af6fefef4767a41b6f04b4995874d88eb
027638bdd31466b2f8c5790ff7e15e1e183a346f0e499d3d422aae9b2fa531c1
GET /wp-content/uploads/2020/04/tripadvisor-logo-6939149F8F-seeklogo.com_.png HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/png
content-length: 10470
last-modified: Mon, 13 Apr 2020 19:41:59 GMT
etag: "28e6-5a33146c570d1"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/2020/04/download-1-300x156.jpg
209.17.116.160 200 OK 6.6 kB URL HTTP/2 muddymoose.com/wp-content/uploads/2020/04/download-1-300x156.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x156, components 3\012- data
Hash 322ef593808e71f6a4dfb3c2dcac1f70
16c6b64f457cd950564a418224473d29ea97889c
a1bd536a0f18323eba9be564e8a3532dd58d3be12919d3356d9043d9beeb9588
GET /wp-content/uploads/2020/04/download-1-300x156.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 6552
last-modified: Mon, 13 Apr 2020 19:41:22 GMT
etag: "1998-5a3314494a615"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=7858a0b2-8708-4ec0-8946-921761be34c5&dp=10&tz=%2B00%3A00&nc=68241308&u=https%3A%2F%2Fmuddymoose.com%2F&r=&rs=1280x1024&t=Muddy%20Moose%20%E2%80%93%20Restaurant%20%26%20Pub&oE=1&oP=1&dT=2022-11-30T21%3A49%3A22.493&fu=29ec144b-380a-404a-a7e7-043a5c5a4df4
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=7858a0b2-8708-4ec0-8946-921761be34c5&dp=10&tz=%2B00%3A00&nc=68241308&u=https%3A%2F%2Fmuddymoose.com%2F&r=&rs=1280x1024&t=Muddy%20Moose%20%E2%80%93%20Restaurant%20%26%20Pub&oE=1&oP=1&dT=2022-11-30T21%3A49%3A22.493&fu=29ec144b-380a-404a-a7e7-043a5c5a4df4
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=7858a0b2-8708-4ec0-8946-921761be34c5&dp=10&tz=%2B00%3A00&nc=68241308&u=https%3A%2F%2Fmuddymoose.com%2F&r=&rs=1280x1024&t=Muddy%20Moose%20%E2%80%93%20Restaurant%20%26%20Pub&oE=1&oP=1&dT=2022-11-30T21%3A49%3A22.493&fu=29ec144b-380a-404a-a7e7-043a5c5a4df4 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
193.3.184.137 302 Found 154 B IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 30-Nov-22 21:59:23 GMT
aid=fwAAAWOHz+OaugNNk6IjAqcfbKCM50J1BgWCmwy8kyjPHqZc; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/2020/04/muddy-moose-color-logo.png
209.17.116.160 200 OK 43 kB URL HTTP/2 muddymoose.com/wp-content/uploads/2020/04/muddy-moose-color-logo.png
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type PNG image data, 144 x 151, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f1869482a208a03be4a58c9a3243bdf
174ea6ee08e2886dcf398590e429e0821fba5064
9d381969a6ee5e611761e3d3a07af435adb573e96d8f0b19c571ed980c4a1cb6
GET /wp-content/uploads/2020/04/muddy-moose-color-logo.png HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/png
content-length: 42688
last-modified: Mon, 13 Apr 2020 19:41:59 GMT
etag: "a6c0-5a33146c2bd79"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/2013/11/creditcards.jpg
209.17.116.160 200 OK 19 kB URL HTTP/2 muddymoose.com/wp-content/uploads/2013/11/creditcards.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 250x46, components 3\012- data
Hash 357402e31dbce632e4f4edd0ac24b70f
5d41d4f23b1048c24b006b0da010806f7a473f8c
5bc3c559ecebedc8b596fc599257158f5bc5db0efae28144790a4836fb88bbf1
GET /wp-content/uploads/2013/11/creditcards.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 19275
last-modified: Mon, 13 Apr 2020 19:40:59 GMT
etag: "4b4b-5a331432fe9de"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic31-150x150-circle.jpg
209.17.116.160 200 OK 8.9 kB URL HTTP/2 muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic31-150x150-circle.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 260f86ac063559fe0f6bfd992702efe4
1e90f9795d9977114b5aa8f0c4c2c0fe0342532a
0bb69cfcc6ab23dc3945be0eefe0152f13d3cd171e4fb6c4e0c0fb3537db279a
GET /wp-content/uploads/bb-plugin/cache/mmpic31-150x150-circle.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 8858
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: "229a-5e84038ac36a4"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic24-150x150-circle.jpg
209.17.116.160 200 OK 9.0 kB URL HTTP/2 muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic24-150x150-circle.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 610cffbb26c487bd89ff9eebf0399f56
0995a344d36a1cebe00141dc48c5c8d36f38fd88
5245014d7c51ea6f5006e1ef102c894bc7bfd37f8c96b5a8e468b3a8782c2c9f
GET /wp-content/uploads/bb-plugin/cache/mmpic24-150x150-circle.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 9044
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: "2354-5e84038acea37"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/2013/11/breakfor.jpg
209.17.116.160 200 OK 24 kB URL HTTP/2 muddymoose.com/wp-content/uploads/2013/11/breakfor.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 300x170, components 3\012- data
Hash f75850c549ccd787a60a8c44d34a7cc6
71a78689b2e8e32ee6c8fab5971d49f64cbaf851
d8c77a1efe6959cce79550e5b62bde408ec34118060898ce2ccbb1fc4082fdf6
GET /wp-content/uploads/2013/11/breakfor.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 23867
last-modified: Mon, 13 Apr 2020 19:40:59 GMT
etag: "5d3b-5a331432f6518"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8
142.250.74.164 200 OK 912 B URL HTTP/2 www.google.com/maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1538)
Hash e75eceb3e895f732f11f79a8f17a5fa9
ec20dde54c429c2c69598c83df5e34d4970b3a2f
fc6f8169ad7be27e3d4b4743b8c27442514b0b202b43d6638679c2a34dc4aa9f
GET /maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Language, Origin, X-Origin, Referer
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-FPvChmHUvIhFPRmqcg2KEg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Wed, 30 Nov 2022 21:49:23 GMT
server: scaffolding on HTTPServer2
content-length: 912
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/bb-plugin/cache/1df7b665cf3bfc4f015aa5243d6df4707587aac9e4105d0c3d94b1c46ebda82e-150x150-circle.jpg
209.17.116.160 200 OK 6.7 kB URL HTTP/2 muddymoose.com/wp-content/uploads/bb-plugin/cache/1df7b665cf3bfc4f015aa5243d6df4707587aac9e4105d0c3d94b1c46ebda82e-150x150-circle.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 29010afd0736bd678973c4b3e3acbb24
222db7dd65274ce0a9cda90d4c0612cb4b6226b0
f5742254801350d6e5278c98735b98337a347d3c59e500ecbe9c26c0a0a20143
GET /wp-content/uploads/bb-plugin/cache/1df7b665cf3bfc4f015aa5243d6df4707587aac9e4105d0c3d94b1c46ebda82e-150x150-circle.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 6725
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: "1a45-5e84038ac9075"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/wp-includes/js/imagesloaded.min.js?ver=5.4.12
209.17.116.160 200 OK 3.4 kB URL HTTP/2 muddymoose.com/wp-includes/js/imagesloaded.min.js?ver=5.4.12
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash c9213aee21077360bf50e0b8b57aed49
8025fab7e61e4fdfa82d5dec2545e46de7fda185
930b6c17cc323f70e4faafabda58b99353e0fcaceb4e1d341b39b4b520b2e135
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:47 GMT
etag: W/"1fd4-5a331499c5aba"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
muddymoose.com/
209.17.116.160 200 OK 7.5 kB IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1902)
Hash cfcede1ec638a54e271153fb626aedca
e1520ce1863f3272e77462e043eaa8013a148d7e
7dd93db344948922f46a1af48332a558017c2c8b089993308753bc19a186314d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
x-pingback: https://muddymoose.com/xmlrpc.php
link: <https://muddymoose.com/wp-json/>; rel="https://api.w.org/", <https://muddymoose.com/>; rel=shortlink
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a378e3cc6029dde181c06e0e0568cfa5
0eedaf829e2aa8ed4515963f324fda6ce6c1a024
00c029ae05bbc62c592d0aa39980d2143aa880833cbda0cf89301c2d7b790897
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00C029AE05BBC62C592D0AA39980D2143AA880833CBDA0CF89301C2D7B790897"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9258
Expires: Thu, 01 Dec 2022 00:23:42 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
muddymoose.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12
209.17.116.160 200 OK 86 kB URL HTTP/2 muddymoose.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash b9dadd3db9bdbf733c68372c14687ea1
0614e74e925b778c3c65e592d8d6ea2a654e3809
176ef0e9a6bd479e0ab38a387f282bbb32a4d72cd0e7348f589384bb6ae59b92
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 10:01:42 GMT
etag: W/"363c-5bffff34695bf"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=0100007FE3CF87634D03BA9A0221A293
37.18.103.16 204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007FE3CF87634D03BA9A0221A293
IP 37.18.103.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=391453b84602bd370541; Expires=Thu, 30 Nov 2023 21:49:23 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6af0e1fdb65f3cc3718b99bead1f9b5b
5258190d223960ce20e8456ee26ef2d3b0cd9f0a
e07851e40a79d50ea3b23979d38ee080900cf0d28098457353dc940e034137d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E07851E40A79D50EA3B23979D38EE080900CF0D28098457353DC940E034137D9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Thu, 01 Dec 2022 00:03:40 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
muddymoose.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
209.17.116.160 200 OK 4.8 kB URL HTTP/2 muddymoose.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash 9d8fb36ae902b5c32434411fdda70786
84955e24aa2ea7bb974855707f5eaef9447b7ae9
a2ecbc29c1c48e3c077bded5533af3033d6ad413f3270ac9491d821f57572e93
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:48 GMT
etag: W/"2748-5a33149a89f5a"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb70f2b49102d0dbba09a0645173612d
ba3b4186dccf12f16ac6bbeee4328708ba0e3a72
a3e17a5b5b580d0b1248f49ff41c1266c60d6eac80c9ed63c81bd35ecf8f78d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3E17A5B5B580D0B1248F49FF41C1266C60D6EAC80C9ED63C81BD35ECF8F78D8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13272
Expires: Thu, 01 Dec 2022 01:30:36 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be716dad2ada48944da6df3841eafeb8
3b95a6e57f7dab8ea8ffc76745d01acc38c151ce
c1d22e713d8a7a1228de17f230af48e6a1441f7a067783e6f4b9a03bb375f33e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1D22E713D8A7A1228DE17F230AF48E6A1441F7A067783E6F4B9A03BB375F33E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6878
Expires: Wed, 30 Nov 2022 23:44:02 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
muddymoose.com/wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4
209.17.116.160 200 OK 31 kB URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash 018d240fb03e5d72d9e1886c1640e96c
cc6f11dd47ac3a31d1196d7b6c079855891b23df
4b41ee2ab94c6556b43277473c2624266eeeaea92191b291aa635576bd8de2ee
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:49 GMT
etag: W/"190f7-5c61a249b72ee"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cac131d4ffb2a7c985e665c9893492f3
0d1547dacf457b818499bc789b454627173f088e
49e53f1eab25176d5890ef7034fbfe14a6bcceafbaf71a54f744c68109a1087b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49E53F1EAB25176D5890EF7034FBFE14A6BCCEAFBAF71A54F744C68109A1087B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12346
Expires: Thu, 01 Dec 2022 01:15:10 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35 302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 30 Nov 2022 21:49:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=SFDSOUEI
Set-Cookie: uid=SFDSOUEI; Expires=Thu, 01 Dec 2032 00:00:00 GMT; mf2=1; Expires=Sat, 31 Dec 2022 00:00:00 GMT;
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.214 302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.214:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1603420AE4CF87630800615D02E16B7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDFmOHz+RdYQAIfWvhArg81VUPwOiapE7T05sEnka5PVPJ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293
78.46.100.125 302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293
IP 78.46.100.125:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT; SameSite=None; Secure
uid-legacy=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1
X-Firefox-Spdy: h2
sync.republer.com/match?dsp=sape
23.88.82.46 204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP 23.88.82.46:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
muddymoose.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
209.17.116.160 200 OK 40 kB URL HTTP/2 muddymoose.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash e807a9dde694386d580353540c726a6c
98705fc9dac5d33ef02b413e36fe582d7e56e719
d645608903dca184de572a65f694057c25fd7af8c32d87a52e43bd5587b161b4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:48 GMT
etag: W/"17a69-5a33149b0060a"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
ut.rktch.com/matchspm?pi=1000005&pui=0100007FE3CF87634D03BA9A0221A293
89.108.97.2 302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=0100007FE3CF87634D03BA9A0221A293
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=7b8e4e1abee8289793e6c2572d91de10b29d; Max-Age=2592000; Expires=Fri, 30 Dec 2022 21:49:24 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6b9efc56a5c83007514905bc0fbb010e
9133a19f469b8cc3d2fb36399c0955554b0fe1da
d0c5cd5deea1f0b5e77402c785309b5088f732f05ddb5a2ef90f66541c4f0aa5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:41:02 GMT
Expires: Tue, 06 Dec 2022 15:41:01 GMT
Etag: "9133a19f469b8cc3d2fb36399c0955554b0fe1da"
Cache-Control: max-age=495696,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726caf21f7bb505-OSL
stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
109.248.237.37 302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
IP 109.248.237.37:0
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 9769e2a53532bb8b5c5c80cb1082693b
9a010d35c1889ce7f705a595e9a958b41d652780
fccc7f3f9e20887c0121de115349c0d795c053504c79c0f37c9f072b7e1d8240
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2645
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Last-Modified: Wed, 30 Nov 2022 21:05:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 6ae6fbfa7ddaa9a503215f41ebd4c685
3f0df12eae694413fdccf34b08ccbc0b13e6b5cf
a01b2e4931ae411967e0a539662709883cfd3780476c9a6b1c77731d0395c329
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 04 Dec 2022 17:47:58 GMT
ETag: "3f0df12eae694413fdccf34b08ccbc0b13e6b5cf"
Last-Modified: Wed, 30 Nov 2022 17:47:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2852
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf27934b521-OSL
www.acint.net/match?dp=129&euid=vs1p2wpl81
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=vs1p2wpl81
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=vs1p2wpl81 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=0100007FE3CF87634D03BA9A0221A293
194.55.244.179 204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007FE3CF87634D03BA9A0221A293
IP 194.55.244.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.23.2
date: Wed, 30 Nov 2022 21:49:24 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=0100007FE3CF87634D03BA9A0221A293
31.220.27.134 302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007FE3CF87634D03BA9A0221A293
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=EksMVDd2SMcDV9vqP6XV
set-cookie: jcsuuid=EksMVDd2SMcDV9vqP6XV; expires=Thu, 30 Nov 2023 21:49:24 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.acint.net/match?dp=95&euid=SFDSOUEI
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=SFDSOUEI
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=SFDSOUEI HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
muddymoose.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12
209.17.116.160 200 OK 9.5 kB URL HTTP/2 muddymoose.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (28088)
Hash dd45ab09383d8ece86bd2e2ce9a53c23
33f44eecac0826edea9fe9c305eb81e47600eae8
bc5fcb371f2b295548e793a642bb43bfae65137c396e3c96b9818cad523fced3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 29 Apr 2020 22:02:30 GMT
etag: W/"d159-5a4751abb368e"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a51bed3d90e4059a74ba9368573a2147
a3435cd6360fff30efb00edf9867583870965d5e
df8bc13f0a8eaa6496dafa686c74add64ea7356acfd00788920a86a9bc02e273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8BC13F0A8EAA6496DAFA686C74ADD64EA7356ACFD00788920A86A9BC02E273"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12331
Expires: Thu, 01 Dec 2022 01:14:55 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.css?ver=a7904b60096de2d1d2fe78a40934634d
209.17.116.160 200 OK 6.2 kB URL HTTP/2 muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.css?ver=a7904b60096de2d1d2fe78a40934634d
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (29342), with no line terminators
Hash f7f784d11d62987a9d8ffb91a04fdd7a
1a70a320b51e26035b9e0e2a9268e288c35a8012
1529019624a83352415383a8332076d737581e94c01419eb9e6670a7603525ef
GET /wp-content/uploads/bb-plugin/cache/7-layout.css?ver=a7904b60096de2d1d2fe78a40934634d HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: W/"729e-5e84038a44772"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1
78.46.100.125 200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1
IP 78.46.100.125:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=dab5eef1-70f8-11ed-8677-901b0e934d81
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT; SameSite=None; Secure
uid-legacy=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=1603420AE4CF87630800615D02E16B7D
193.3.184.137 200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=1603420AE4CF87630800615D02E16B7D
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=1603420AE4CF87630800615D02E16B7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
116.202.236.171 301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 116.202.236.171:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 42151893e71634bac6d6635a388056f6
60b3b797b701afbab0f88efac90dda255cec6e96
7ac868a26812ca37596d28f7ca5049cbaa42859890a5d38ae76bccd66ff9a271
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64
serverid: TODO
X-Firefox-Spdy: h2
0100007fe3cf87634d03ba9a0221a293-sp.ops.beeline.ru/p?ssp=sp&id=0100007FE3CF87634D03BA9A0221A293
37.9.245.57 301 Moved Permanently 0 B URL HTTP/2 0100007fe3cf87634d03ba9a0221a293-sp.ops.beeline.ru/p?ssp=sp&id=0100007FE3CF87634D03BA9A0221A293
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: 0100007fe3cf87634d03ba9a0221a293-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=98249774-50a1-455e-901f-7d8d8a8db5f5; expires=Tue, 21 Nov 2023 21:49:24 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.32
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
142.250.74.74 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP 142.250.74.74:0
File type ASCII text, with very long lines (2469)
Hash ae982bda467166cfab5d71a97e24ef33
da59be6fc15e9ee90cf86529a56ae4f53ab33cfb
12a3d40d1606dad192f6633ab51d725042acb8d79cf821a76d21631fc65639c7
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56247
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=12
date: Wed, 30 Nov 2022 21:27:46 GMT
expires: Wed, 30 Nov 2022 21:57:46 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=0100007FE3CF87634D03BA9A0221A293
31.172.81.172 302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0100007FE3CF87634D03BA9A0221A293
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
mediatoday.ru/core/match.gif?s=32&id=0100007FE3CF87634D03BA9A0221A293
139.45.228.100 200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=0100007FE3CF87634D03BA9A0221A293
IP 139.45.228.100:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUzUNWocIPbd45D; expires=Sat, 27-Nov-2032 21:49:24 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARjkn5-cBmIgMDEwMDAwN0ZFM0NGODc2MzREMDNCQTlBMDIyMUEyOTOiARDav_cucPgR7asVACWQyCQ3
31.172.81.160 200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjkn5-cBmIgMDEwMDAwN0ZFM0NGODc2MzREMDNCQTlBMDIyMUEyOTOiARDav_cucPgR7asVACWQyCQ3
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjkn5-cBmIgMDEwMDAwN0ZFM0NGODc2MzREMDNCQTlBMDIyMUEyOTOiARDav_cucPgR7asVACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 21:49:24 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
acint.net/match?dp=110&euid=093bcf05fa264c919979a0c737a2d3fb
193.3.184.137 200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=093bcf05fa264c919979a0c737a2d3fb
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=093bcf05fa264c919979a0c737a2d3fb HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0100007FE3CF87634D03BA9A0221A293
23.88.12.14 200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007FE3CF87634D03BA9A0221A293
IP 23.88.12.14:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=b1ef5401-1a7d-45d8-9bcd-0ea5a81feb65; domain=.bidderstack.com; path=/; expires=Thu, 30-Nov-2023 21:49:24 GMT;
Access-Control-Allow-Credentials: true
www.acint.net/match?dp=127&euid=EksMVDd2SMcDV9vqP6XV
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=EksMVDd2SMcDV9vqP6XV
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=EksMVDd2SMcDV9vqP6XV HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
176.9.8.252 302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 176.9.8.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1669844964247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=5e71de10-948a-45f3-a9d9-491cf1b27881;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=5e71de10-948a-45f3-a9d9-491cf1b27881;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
muddymoose.com/wp-content/plugins/bb-plugin/css/fl-slideshow.min.css?ver=2.4.2.4
209.17.116.160 200 OK 2.1 kB URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/css/fl-slideshow.min.css?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (9623), with no line terminators
Hash b9e7e9b67eb7c3432ddfde220a9e96a3
d7f4e38f9868f4c424f5047c4a23e802db945dce
18e8f4f965c986de519672d7f72bff099960a8ac9c0044c9662ca63944a687da
GET /wp-content/plugins/bb-plugin/css/fl-slideshow.min.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:40 GMT
etag: W/"2597-5c61a241389e5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f42124f2ea5983e6f12ef55ec5663bae
400804fa4f63a3400afb61f14687414a2c795ce1
ff2f35f7c00e329aa04725c12e30c10c36fb9e1f48386f91a8c15e2cd1a34643
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF2F35F7C00E329AA04725C12E30C10C36FB9E1F48386F91A8C15E2CD1A34643"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13127
Expires: Thu, 01 Dec 2022 01:28:11 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
sync.bumlam.com/?src=sape
31.172.81.160 302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 21:49:24 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.acint.net/match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293
167.235.32.7 302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6fd105d27beebbe7df8ca8ae6eaabf91
8b1b23b1c6c117c8b8093b64c04d3f0e1ba114f5
7e8dcea46878a1b704a1e086b299fc17586264d8b4f8f6c60112ead8a5667e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E8DCEA46878A1B704A1E086B299FC17586264D8B4F8F6C60112EAD8A5667E24"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=673
Expires: Wed, 30 Nov 2022 22:00:37 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
pix.bumlam.com/sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437
31.172.81.172 302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com/?src=sape
www.acint.net/match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/2020/04/mmpic1-768x1024.jpg
209.17.116.160 200 OK 192 kB URL HTTP/2 muddymoose.com/wp-content/uploads/2020/04/mmpic1-768x1024.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x1024, components 3\012- data
Size 192 kB (191754 bytes)
Hash c9702a5f187cbf9f0a0e9068a2fa7bca
ade4193ccbf4516bdef8e1fbd02a12b1b109e0cf
85b935c2ba0abf168ee94bf3a4707172a9b5600c2d581515dbbfe8c30e9012ea
GET /wp-content/uploads/2020/04/mmpic1-768x1024.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 191754
last-modified: Mon, 13 Apr 2020 19:41:23 GMT
etag: "2ed0a-5a331449ebc5d"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
muddymoose.com/favicon.ico
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/favicon.ico
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Cookie: fid=29ec144b-380a-404a-a7e7-043a5c5a4df4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 13 Apr 2020 19:37:48 GMT
etag: "0-5a33137c6307b"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=0100007FE3CF87634D03BA9A0221A293
23.111.107.44 301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007FE3CF87634D03BA9A0221A293
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=95f3567d-2185-4a7c-86a7-51d42879ab93
Set-Cookie: uuid=95f3567d-2185-4a7c-86a7-51d42879ab93; expires=Tue, 21 Nov 2023 21:49:24 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
142.250.74.3 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (2669)
Hash c088038bb01fdc7f15f21e2216b6b8b4
fa724c5616022f6825ac476354c492b0bf544d21
b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78
GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:52:12 GMT
expires: Thu, 30 Nov 2023 04:52:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
content-type: text/javascript
age: 61032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adlmerge.com/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
95.211.66.35 200 OK 86 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash cd01ca32a344e7529987fed41a31de69
4558538a8b95d32e8209cabc21462c0cbb8789e1
d243a8594bf956ada2c21d571ef312c61cbcbfc655b50efd1a55c11c2c4427a7
GET /merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1
167.235.32.7 302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA
set-cookie: pid=NTY3ODgyZjY4MTU5OTViZA; expires=Thu, 30 Nov 2023 21:49:24 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 04544caa268aa7cccf11691396fd33fa
0fbc1ec62717acbd8e9a24f20905029cb1670987
fd24756e6773ec189e73523dcf58fc8ce3460d614faeac26b9140cc2afd7e557
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD24756E6773EC189E73523DCF58FC8CE3460D614FAEAC26B9140CC2AFD7E557"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10646
Expires: Thu, 01 Dec 2022 00:46:50 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com/?src=sape
82.146.53.26 302 Moved Temporarily 0 B URL HTTP/1.1 dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com/?src=sape
IP 82.146.53.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.65.187 302 Found 1.4 kB URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.65.187:0
ASN #24940 Hetzner Online GmbH
Hash a068f2d8369d1a1f46b3626f6748bb16
7c6d69530107984181a0cdb31cdf58bcfdc8b664
de1945572eede0f5495faf774e105b5a9cfed25880867d138c38eaacb82915c8
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 30 Nov 2022 21:49:24 GMT
x-request-id: 55ea45a9-dd43-4ca4-b02e-2d8570f00021
set-cookie: bvuid=vs1p2wpl81; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=vs1p2wpl81; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=vs1p2wpl81
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash a068f2d8369d1a1f46b3626f6748bb16
7c6d69530107984181a0cdb31cdf58bcfdc8b664
de1945572eede0f5495faf774e105b5a9cfed25880867d138c38eaacb82915c8
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 04 Dec 2022 19:49:35 GMT
ETag: "7c6d69530107984181a0cdb31cdf58bcfdc8b664"
Last-Modified: Wed, 30 Nov 2022 19:49:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2754
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf58e9db521-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.49 302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5076541672; expires=Fri, 29 Nov 2024 21:49:24 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-PPh2NNA7qaAiGikw
142.250.74.130 200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-PPh2NNA7qaAiGikw
IP 142.250.74.130:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-PPh2NNA7qaAiGikw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Wed, 30 Nov 2022 21:49:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 411d3ad688493b55b6bf08d4712e670f
0a6ae69196a293468b5348227cdd36ccebd918d2
a37b2dcd55d74baa6c3ea45657f6d9bcc8b0b02875dd7b48e4b50cbf3b2d3e87
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 04 Dec 2022 17:52:37 GMT
ETag: "0a6ae69196a293468b5348227cdd36ccebd918d2"
Last-Modified: Wed, 30 Nov 2022 17:52:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2552
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf5aed1b521-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FE3CF87634D03BA9A0221A293
81.222.128.215 200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FE3CF87634D03BA9A0221A293
IP 81.222.128.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash c85ae5715c5dd3305628d7e290853c60
4051633741212c3e83cf57866b2986efc881d4c8
8aff49d37cd717175d4450a095b71e93ec964a2a3693922e7c0244a2488d32ae
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 04 Dec 2022 18:37:48 GMT
ETag: "4051633741212c3e83cf57866b2986efc881d4c8"
Last-Modified: Wed, 30 Nov 2022 18:37:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1441
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf5ff45b521-OSL
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5f9ec7b9a4f6f9f6e80876bb96d202e3
6cb872a2c7967b7b485d210acc5cc2b837b5a9f8
43ea672dcbd5bfd7f32f70380732dc897b68c5e2d8ac57f3d37cb343c6e37ba5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43EA672DCBD5BFD7F32F70380732DC897B68C5E2D8AC57F3D37CB343C6E37BA5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8569
Expires: Thu, 01 Dec 2022 00:12:13 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive
muddymoose.com/wp-content/uploads/2020/04/mmpic45-1024x768.jpg
209.17.116.160 200 OK 145 kB URL HTTP/2 muddymoose.com/wp-content/uploads/2020/04/mmpic45-1024x768.jpg
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x768, components 3\012- data
Size 145 kB (144556 bytes)
Hash 2b64655b50e648410fa6ecb758234b2d
9d4d7661c6be689062a9d65c45113ae9b03db955
3d8a775aa3334a4f9b159d2c11f09c61cb1c8b9f70e1f87389d0eeb018100949
GET /wp-content/uploads/2020/04/mmpic45-1024x768.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Cookie: fid=29ec144b-380a-404a-a7e7-043a5c5a4df4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/jpeg
content-length: 144556
last-modified: Mon, 13 Apr 2020 19:41:53 GMT
etag: "234ac-5a33146655361"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=454190,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726caf5eec6b4f4-OSL
pix.bumlam.com/sync/sape/done
31.172.81.172 200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 7dcecaac2cc647c3c9371ddf6c6ff760
7fb0fe4fc8c67c92d229d6df070f61914945e9b6
b08688f159bd765d5bcdf55ff073b9f598ca26d6514e58e0be3d99870cef49a1
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 04 Dec 2022 20:59:43 GMT
ETag: "7fb0fe4fc8c67c92d229d6df070f61914945e9b6"
Last-Modified: Wed, 30 Nov 2022 20:59:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 326
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf64f5ab4f4-OSL
tag.digitaltarget.ru/adcm.js
185.15.175.145 200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.145:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Wed, 30 Nov 2022 21:34:07 GMT
Connection: keep-alive
ETag: "6387cc4f-beb"
Accept-Ranges: bytes
ad.mail.ru/cm.gif?p=48&id=0100007FE3CF87634D03BA9A0221A293
95.163.41.56 200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007FE3CF87634D03BA9A0221A293
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=3YhbTb3Fu62E002Byw1_W3YE:::0-0-0-8a228a4:CAASECgYjtS96u_o5ozz1QWloJ0aYDWcoXTWxmC77s9FxBAG6Hvql7AKjBt4bNhPgp8rFoE9u-ki8GWwWd4U6FNJuOXi3lTVtEEG3_tVI8VOIOHQ0QnW7jSksPubD1cZLFA_ga8VqMbqdGV5fbXX546cGu3GbA; path=/; expires=Fri, 01-Dec-23 21:49:24 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 01 Dec 2022 03:49:24 GMT
cache-control: max-age=21600
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293
77.88.21.90 302 Found 492 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293
IP 77.88.21.90:0
Hash ed1aff791b0099a8ad461ddf339f79ed
d677e4afe79e0bca4924f5f2aafff91d2a574196
118d0cc44d94e15e821799f06e127f2689b6f739f0e21721dc3dc2a5d8b9605c
GET /mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1
date: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: yandexuid=8432908741669844964; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 21:49:24 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 21:49:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293
188.42.196.115 302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=28302b66-4f87-524f-9238-3ff2f1bff017; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5QACNmj4-jZz70HOc4f8nqQLNEFPEmB_Tw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72 200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: close
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2e6727238eddf2dbc0c32a99b17a8f24
a7fe53809acbed028ceb25f3bbc1fc174eac3eff
d01e92f3492460eb71ec1133efc65c042ea3b90bfeebbc97b3cd9acb4398d2f1
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4732
Cache-Control: max-age=92185
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Etag: "63868281-1d7"
Expires: Thu, 01 Dec 2022 23:25:49 GMT
Last-Modified: Tue, 29 Nov 2022 22:06:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672
195.209.108.49 302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672
IP 195.209.108.49:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 29 Nov 2024 21:49:24 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 36005cf389f7a8c8ac2a34dbb51bda0a
d4a3788867e7eaa8422fda443b1d2e882d443cbc
897e5d004db6dbbdaf9662d2c3829c881efda0f5fc41acdb401b436cda544b33
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Dec 2022 19:42:36 GMT
ETag: "d4a3788867e7eaa8422fda443b1d2e882d443cbc"
Last-Modified: Wed, 30 Nov 2022 19:42:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 83
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf6a83ab521-OSL
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1
188.42.196.115 200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
tuuid=1941311b-ad1c-524f-b87a-16e2dbfdd906; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5AAJpMCuJSzcZuOPc0jt8kokxncvW5toFw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
45.9.26.83 302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 45.9.26.83:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=ORvOhxXaSjG9
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=ORvOhxXaSjG9; Path=/; Domain=.rutarget.ru; Expires=Mon, 29 May 2023 21:49:24 GMT; SameSite=None; Secure
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash cb4ce3d8de13973a6e1d5c083bf8f4bb
8f39db8d7c9f487d84ea69b11b779ebabcd15c27
5bec501284238586786df4a3da7f64a2d7b01a6d0391437ac12f62c1df4d311e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 20:21:36 GMT
Expires: Thu, 01 Dec 2022 20:21:36 GMT
ETag: "8f39db8d7c9f487d84ea69b11b779ebabcd15c27"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
193.3.184.137 302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=0100007FE3CF87634D03BA9A0221A293
217.66.147.41 301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007FE3CF87634D03BA9A0221A293
IP 217.66.147.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293
Set-Cookie: dspid=d5b17cac-c23b-4e92-bb7e-10a32792fe0f; expires=Tue, 21 Nov 2023 21:49:24 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=454190,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726caf5bbceb505-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218 302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: AFFICHE_W=yMCoOSqu0UbI36; expires=Thu, 28 Dec 2023 21:49:24 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=ORvOhxXaSjG9
193.3.184.137 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=ORvOhxXaSjG9
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=ORvOhxXaSjG9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293
81.222.128.215 200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293
IP 81.222.128.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
tag.digitaltarget.ru/processor.js?i=901256768866222
185.15.175.145 200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=901256768866222
IP 185.15.175.145:0
File type ASCII text, with very long lines (15897), with no line terminators
Hash c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0
GET /processor.js?i=901256768866222 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Wed, 30 Nov 2022 21:34:08 GMT
Connection: keep-alive
ETag: "6387cc50-3e19"
Accept-Ranges: bytes
px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293
193.232.150.149 302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293
IP 193.232.150.149:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
x-backend-id: f16-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=uPcBq8620Jzb.AikABlGEyoQWWA;Path=/;Domain=.adhigh.net;Expires=Thu, 30-Nov-2023 21:49:24 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.196.115 302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
tuuid=58953218-3a04-524f-9f70-d807fcf717e3; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5AAIZHC0o9JNrD3fJTPQt2BLoXfAlXny6g==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293
217.66.147.41 200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293
IP 217.66.147.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827
35.190.24.218 204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 21:49:24 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 21:49:25 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4
209.17.116.160 200 OK 8.6 kB URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash 9737c53caca7d3732f4e43845bdcfb16
cb046455bf60c556b92bff863010336d6a9bb308
fa94d89e2af74be562608d903c977f43e5f5ccb93d4e25e522f62efdfdb62238
GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:49 GMT
etag: W/"4eba-5c61a24995402"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.196.115 200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=910cbf9e-c60d-524f-ab93-9dadc8145248; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5QAA8jDnlSrZZIt4B0bVbicr1plwDnxpXg==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash cb4ce3d8de13973a6e1d5c083bf8f4bb
8f39db8d7c9f487d84ea69b11b779ebabcd15c27
5bec501284238586786df4a3da7f64a2d7b01a6d0391437ac12f62c1df4d311e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 20:21:36 GMT
Expires: Thu, 01 Dec 2022 20:21:36 GMT
ETag: "8f39db8d7c9f487d84ea69b11b779ebabcd15c27"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
muddymoose.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.12
209.17.116.160 200 OK 696 B URL HTTP/2 muddymoose.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.12
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (1954), with no line terminators
Hash 504fa048b4187f1a65c6d50b24d080c2
41c2844bc9f3b2e5ea9886c280d5ee4016bac9f8
d550e2c95f1bf6fdf75504d0c357d81e47385d6381bc0f9988aa860d09f0bcf3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:18 GMT
etag: W/"7a2-5a33147eac2c4"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1
193.232.150.149 200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1
IP 193.232.150.149:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:25 GMT
content-type: image/gif
content-length: 49
x-backend-id: f16-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b791e396b363c462c259e47f24d08e02
13f187bcacde8ed75da820ced57d0ebe5e8f3351
daac86ec5af86c6307b74075b1b158bf881957605a7234ce1c2306e8071e8547
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAAC86EC5AF86C6307B74075B1B158BF881957605A7234CE1C2306E8071E8547"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6460
Expires: Wed, 30 Nov 2022 23:37:05 GMT
Date: Wed, 30 Nov 2022 21:49:25 GMT
Connection: keep-alive
x01.aidata.io/0.gif?pid=9401454&id=0100007FE3CF87634D03BA9A0221A293&bounce=1
89.108.120.76 204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007FE3CF87634D03BA9A0221A293&bounce=1
IP 89.108.120.76:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007FE3CF87634D03BA9A0221A293&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 21:49:25 GMT
expires: Wed, 30 Nov 2022 21:49:24 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: __upin=mOWhnlFOnnAg6vGNGCxSgg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669844965;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 86394
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.147 307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=5g1OEVScb44z97R7ztRk; Max-Age=93312000; Expires=Fri, 14 Nov 2025 21:49:25 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.147 307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=yYD.671co2RnXRF7jXc5; Max-Age=93312000; Expires=Fri, 14 Nov 2025 21:49:25 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.147 200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.147:0
File type GIF image data, version 89a, 1 x 1
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.147 200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.147:0
File type GIF image data, version 89a, 1 x 1
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 15
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type gzip compressed data, max compression
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 8131
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 8129
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
muddymoose.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.4
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:42 GMT
etag: W/"e7d0-5c61a243108cf"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
muddymoose.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.6.2
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.6.2
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bb-theme/css/base.min.css?ver=1.7.6.2 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 28 May 2020 18:03:28 GMT
etag: W/"bd2a-5a6b9254e642b"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
193.3.184.137 200 OK 0 B URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 193.3.184.137:0
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1669844963; expires=Thu, 01-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1669844963; expires=Wed, 14-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1669844963; expires=Wed, 14-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1669844963; expires=Wed, 14-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1669844963; expires=Thu, 15-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1
77.88.21.90 200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1
IP 77.88.21.90:0
GET /mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 30 Nov 2022 21:49:24 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 21:49:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
muddymoose.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 28 May 2020 18:03:29 GMT
etag: W/"55d9-5a6b92554f3bf"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
muddymoose.com/wp-content/themes/muddymoose-child/muddymoose-styles.css?ver=1646687323
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/themes/muddymoose-child/muddymoose-styles.css?ver=1646687323
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
GET /wp-content/themes/muddymoose-child/muddymoose-styles.css?ver=1646687323 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Mar 2022 21:08:43 GMT
etag: W/"3ff-5d9a744fbb100"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/bb-theme/skin-60de742810617.css?ver=1.7.6.2
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/uploads/bb-theme/skin-60de742810617.css?ver=1.7.6.2
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
GET /wp-content/uploads/bb-theme/skin-60de742810617.css?ver=1.7.6.2 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 02:04:24 GMT
etag: W/"e521-5c61a5fec6647"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
muddymoose.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.4
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:40 GMT
etag: W/"167e-5c61a24137a48"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA
77.88.21.90 302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA
IP 77.88.21.90:0
GET /mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA?redir-setuniq=1
date: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: yandexuid=8765806421669844964; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 21:49:24 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 21:49:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
muddymoose.com/wp-includes/js/wp-embed.min.js?ver=5.4.12
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-includes/js/wp-embed.min.js?ver=5.4.12
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 10:01:42 GMT
etag: W/"592-5bffff3467670"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
muddymoose.com/wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:49 GMT
etag: W/"3670e-5c61a249af60e"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a
209.17.116.160 200 OK 0 B URL HTTP/2 muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a
IP 209.17.116.160:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: W/"569e-5e84038a5f538"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2