Report - www.muddymoose.com/

Report Overview

Submitted URL
www.muddymoose.com/
IP
209.17.116.160
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2022-11-30 21:49:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ad.adriver.ru	19548	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	875 B	1.4 kB	195.209.108.49
sync.adkernel.com	4993	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	469 B	107 B	77.245.57.72
px.adhigh.net	10272	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	848 B	1.0 kB	193.232.150.149
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	579 B	1.7 kB	142.250.74.164
s.uuidksinc.net	3423	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	322 B	31.220.27.134
dmg.digitaltarget.ru	21471	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	3.2 kB	185.15.175.147
maps.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	70 kB	142.250.74.3
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.6 kB	192.124.249.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.1 kB	16 kB	23.33.119.27
www.muddymoose.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	798 B	907 B	209.17.116.160
sync.upravel.com	28097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	510 B	840 B	176.9.8.252
ads.betweendigital.com	1571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.4 kB	188.42.196.115
maps.googleapis.com	33876	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	57 kB	142.250.74.74
mediatoday.ru	136083	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	521 B	139.45.228.100
adlmerge.com	146521	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	215 B	95.211.66.35
x01.aidata.io	12188	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	588 B	89.108.120.76
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	70 kB	34.120.237.76
ssp-rtb.sape.ru	31166	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	773 B	193.3.184.214
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.9 kB	104.18.32.68
stat.adlabs.ru	200922	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	191 B	109.248.237.37
ut.rktch.com	41215	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	593 B	89.108.97.2
pix.bumlam.com	92002	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.1 kB	31.172.81.172
cm.g.doubleclick.net	202	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	657 B	142.250.74.130
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ssp.bestssp.com	90974	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	302 B	185.147.80.35
ssp.bidvol.com	31817	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	2.0 kB	65.109.65.187
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	93.184.220.29
acint.net	22962	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	780 B	193.3.184.137
cs.agency2.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	721 B	23.111.107.44
ad.mail.ru	7643	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	756 B	95.163.41.56
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
sync.bumlam.com	3243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	988 B	1.2 kB	31.172.81.160
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	960 B	35 kB	216.58.207.227
dmp.gotechnology.io	48839	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	875 B	904 B	167.235.32.7
dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	178 B	82.146.53.26
0100007fe3cf87634d03ba9a0221a293-sp.ops.beeline.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	828 B	37.9.245.57
nr.bidderstack.com	352019	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	349 B	23.88.12.14
ssp.adriver.ru	12439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	881 B	376 B	81.222.128.215
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	1.9 kB	104.18.21.226
sape-sync.rutarget.ru	173587	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	409 B	45.9.26.83
muddymoose.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	680 kB	209.17.116.160
sync.dmp.otm-r.com	19534	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	134 B	194.55.244.179
sync.1dmp.io	10017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.2 kB	78.46.100.125
exchange.buzzoola.com	18389	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	382 B	116.202.236.171
tag.digitaltarget.ru	98193	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	745 B	19 kB	185.15.175.145
ocsp.netsolssl.com	8381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	964 B	172.64.155.188
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.69.31
redirect.frontend.weborama.fr	8348	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	995 B	1.4 kB	35.190.24.218
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	8.5 kB	104.18.20.226
sm.rtb.mts.ru	27154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	838 B	1.0 kB	217.66.147.41
sync.republer.com	45392	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	133 B	23.88.82.46
an.yandex.ru	2577	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.2 kB	77.88.21.90
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	796 B	93.184.220.29
www.acint.net	29072	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	16 kB	193.3.184.137
dm-eu.hybrid.ai	28847	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	468 B	37.18.103.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	www.muddymoose.com/	Malware
2022-11-30	medium	www.muddymoose.com/	Malware
2022-11-30	medium	muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4	Malware
2022-11-30	medium	muddymoose.com/wp-includes/js/imagesloaded.min.js?ver=5.4.12	Malware
2022-11-30	medium	muddymoose.com/	Malware
2022-11-30	medium	muddymoose.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	Malware
2022-11-30	medium	muddymoose.com/wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4	Malware
2022-11-30	medium	muddymoose.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	Malware
2022-11-30	medium	muddymoose.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12	Malware
2022-11-30	medium	muddymoose.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.12	Malware
2022-11-30	medium	muddymoose.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.4	Malware
2022-11-30	medium	muddymoose.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.6.2	Malware
2022-11-30	medium	muddymoose.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2	Malware
2022-11-30	medium	muddymoose.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.4	Malware
2022-11-30	medium	muddymoose.com/wp-includes/js/wp-embed.min.js?ver=5.4.12	Malware
2022-11-30	medium	muddymoose.com/wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4	Malware
2022-11-30	medium	muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (34)

	URL	Size	First Seen	Last Seen
	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._5a9ztt&client=google-maps-embed&token=79989	62 B	2023-03-08	2023-08-14
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._5a9ztt&client=google-maps-embed&token=79989 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:38:45 Last Seen2023-08-14 15:49:58 Times Seen139 Hash 4e9cbf09856cb1c01abcbaa05a9958fa ef24dd95bfb48a4c6409fb9204d94221f766e97e 2d7c973e40928aa40b8332e7c48a4b75388e21c8e745cbdeace517d512b04c09 Loading...

	muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4	731 B	2023-03-07	2024-04-25
Pretty URL muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-25 11:20:17 Times Seen2329 Hash 97669983f6540f2badeef6ab07e5b637 b6f0084f6747da64cf24334b2c0027e57cbf7f23 fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7 Loading...

	muddymoose.com/	250 B	2023-03-07	2024-04-26
Pretty URL muddymoose.com/ IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-04-26 14:09:23 Times Seen621 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	muddymoose.com/wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4	223 kB	2023-03-07	2024-04-22
Pretty URL muddymoose.com/wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:45 Last Seen2024-04-22 16:48:45 Times Seen94 Hash a0e45035cce297d0e79c5b1e5dfb74bf 6412507c4cee4f069866223337e5a391f1da7f5c 73708ac8f0cac95920f58b19809d7d81fa40c3b7c87ffcdf1136bdf34627aaf0 Loading...

	muddymoose.com/wp-includes/js/imagesloaded.min.js?ver=5.4.12	8.1 kB	2023-03-07	2024-04-15
Pretty URL muddymoose.com/wp-includes/js/imagesloaded.min.js?ver=5.4.12 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:06 Last Seen2024-04-15 15:38:28 Times Seen601 Hash b89ed002fd8fa08062ac8018e5416432 8196c522a7a1a506dde696f68de76c1658a61610 afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/1/common.js	254 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/1/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:13:14 Times Seen1 Hash e39ea0b6a59026e9c9a623f639661f9b 6dc69b58001aa7bde94cb7572fa14665e356c29b db099e95eb910c80a88cff3a375d59c4533d74c328b5c94189fe32f0b0ae28a1 Loading...

	muddymoose.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-04-26
Pretty URL muddymoose.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-26 10:14:42 Times Seen37232 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-03-11	2024-02-07
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 193.3.184.137 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash 49ca54d7b9b08dd7cb4c655730525ee9 3aad2dbc387f3e57dca8d8d3db2aa7bb7704839a 6f9ddf148da5d1802c8140f20f1b2a00f8aea43a1c6e70919b2be79a279bc135 Loading...

	www.google.com/maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8	1.8 kB	2023-03-11	2024-02-07
Pretty URL www.google.com/maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash 397dd2706f9cb941dde5620f46bc35c6 b048a7fb75ce08b86a16c561c8e67f4f39f81458 8e794a7f99fdb3f5e130ee6343ecac1107f43b25da2d0b96f86f26603a0b2f50 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7s46ks1n&10e1&11b0&callback=_xdc_._bl3fil&client=google-maps-embed&token=65890	62 B	2023-03-11	2024-02-07
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7s46ks1n&10e1&11b0&callback=_xdc_._bl3fil&client=google-maps-embed&token=65890 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash b03bec074b9319b1f93fc6d5fbfa1de9 fa9f90b22a3e032ddef92540bcfbb9e3c2db9375 36004263b5f6df33f529c473876a7f5f42963f4b958bfd8f05ffd525049889d1 Loading...

	muddymoose.com/wp-includes/js/wp-embed.min.js?ver=5.4.12	1.4 kB	2023-03-07	2024-04-26
Pretty URL muddymoose.com/wp-includes/js/wp-embed.min.js?ver=5.4.12 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-26 10:10:59 Times Seen6878 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a	22 kB	2023-03-11	2024-02-07
Pretty URL muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash 7d4a639a733668dbe3cdbf8b67b8fc6a 5216da48f0176276f51d450bd4d95f05605eaee7 8c7c4bf7b1b80879400b5320b2cd3ba0c5a0bfa73f299585bf4211ad317df5c0 Loading...

	muddymoose.com/wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4	103 kB	2023-03-07	2024-04-22
Pretty URL muddymoose.com/wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:45 Last Seen2024-04-22 16:48:45 Times Seen15 Hash 9468dd1bb44c6c8c5b5c3a9e37325f13 ebae2385dae316c7d795d11e2efee68713e1b27e 4c3260b6f0867e378729b949229f5f18a323e6ac47e344f97d11d535509a5287 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/1/map.js	72 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/1/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:12:16 Times Seen1 Hash 4fff6ce78464889e5a2028f20253ce85 924e8b33887fba9509f010a0f1802533f6cd0448 82c19ea6ef8bc5c3368e21a99b85715eee48d4a1adaed53f805499ed5558d485 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/1/onion.js	27 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/1/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:12:16 Times Seen1 Hash ced152e1bee18e5f4c893dbba68c7501 5a3bfec6642a6a6bb1c23e78beead96e044d5a71 60ff2b67ca4666fd28f8bc93e088822d95fbe98d88c6b1f6b746d73344d98ff0 Loading...

	muddymoose.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-04-26
Pretty URL muddymoose.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-26 10:14:42 Times Seen17760 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	www.acint.net/aci.js	23 kB	2023-03-07	2023-03-17
Pretty URL www.acint.net/aci.js IP 193.3.184.137 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-03-17 20:29:36 Times Seen1 Hash 296c412bb908c9c3dce5d63fdd740fbc d00fa58ccedf948ecba31f911399c35483db13ad a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33 Loading...

	muddymoose.com/	72 B	2023-03-07	2024-03-14
Pretty URL muddymoose.com/ IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-03-14 01:03:01 Times Seen189 Hash 46dc272707f808a010d65270e350be87 ff0b024e575cd5217454cff3866870a8e3c6d061 029f3cf62854c4139b5392266d61b3e9ceec43cc74c113861e7e782cf5dfc2c4 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 14:54:56 Times Seen37093726 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js	225 kB	2023-03-11	2023-03-11
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:12:16 Times Seen1 Hash 8e8f2c37526b2b4f958f08037e244b2c 988386a032a7caa5c701f1591aac431d719c0bfe dc77c0fb903cd75c57e9c72c977a11bd521a34d7eb356118e86768762aa2d199 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/1/util.js	170 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/1/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:13:14 Times Seen1 Hash 1869be15b4f227b772acbd045fad1a0b 74b0740732ed46e6b588b712ccb3238ec824d8f0 ebc4b582e1dcce5a8347546dce540c0b431f22a8f78811240328a2fc5f8eb7b5 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/1/search_impl.js	2.8 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/1/search_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:12:16 Times Seen1 Hash 3073db8528bb070df546ff6c8cc875c1 fddddc8ada9c47c79ef3c94399118ae5e5b7f545 8d8d7f300c855802d23f4d822711212d8e402e76da6764ec2fa3a27fb7065885 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d44.036826349453406&2d-71.13819147803895&2m2&1d44.05117059256398&2d-71.11227929693598&2u16&4sen-US&5e0&6sm%40628000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&14b1&callback=_xdc_._wcy7tq&client=google-maps-embed&token=113391	16 kB	2023-03-11	2024-02-07
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d44.036826349453406&2d-71.13819147803895&2m2&1d44.05117059256398&2d-71.11227929693598&2u16&4sen-US&5e0&6sm%40628000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&14b1&callback=_xdc_._wcy7tq&client=google-maps-embed&token=113391 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash 95bd97ffd6f49d776afbfba3aae86b9d ce8b550931e1e948a016ca56ee3b0f261352f87a 96120b05ce8de2277130543d8cedbd778142aa81cccb461a76ec6a1b3a9a223a Loading...

	muddymoose.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12	14 kB	2023-03-07	2024-04-24
Pretty URL muddymoose.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-24 18:30:20 Times Seen2872 Hash c8d5a4cd14632bc2bdf15b5e45ca9d4d cdf210b710c2792eda450a1a11e5dc1f8dae8594 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694 Loading...

	tag.digitaltarget.ru/processor.js?i=901256768866222	16 kB	2023-03-08	2023-03-11
Pretty URL tag.digitaltarget.ru/processor.js?i=901256768866222 IP 185.15.175.145 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:13 Last Seen2023-03-11 23:51:33 Times Seen1 Hash c9571a7ce0a22f154c74bdc8e35523e0 101feba577e71fc076ea5bf3f4af08b5d3fe988d 51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0 Loading...

	muddymoose.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2	22 kB	2023-03-10	2023-11-29
Pretty URL muddymoose.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 02:51:53 Last Seen2023-11-29 09:32:27 Times Seen26 Hash 1c1c8d7b370c88a5ba8a551047dfeb3d 63bdff8e79948b9e203c28ac4233f219b9808438 49b428122b908c8bade67f5824eebefce093cbb78b77a2ed31d22903ed0c1270 Loading...

	muddymoose.com/	81 B	2023-03-11	2024-02-07
Pretty URL muddymoose.com/ IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash 255921b1863f6d85ae55a5ea3bed2e29 a7e115747237640025d113640d5e1d9b0705e4d0 c420ebb42fb952fa7399850fb4c03f304bc7eaf8d9170d157c42d5f3187c4417 Loading...

	muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4	20 kB	2023-03-07	2024-02-07
Pretty URL muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4 IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:45 Last Seen2024-02-07 09:57:14 Times Seen96 Hash 5fc8c870192a1530ebf2858370448630 05178cc81180f091c9ca091949be1af932c93a22 2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/1/overlay.js	3.6 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/1/overlay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:12:16 Times Seen1 Hash f850e3ff6a31907682e3a13aa88f9c47 ab3eef470160c6ff0134394f661f79d22ac0dbf9 826ffa194c82355186ca505487674f92a796e17a6838da75e4a73b39d04d7ba7 Loading...

	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 185.15.175.145 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/1/controls.js	89 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/1/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:04 Last Seen2023-03-11 23:12:16 Times Seen1 Hash a10ff9cf15d9c18dafc57104e1f7a008 8f6404b352009b9fc5361c4c3aa7ac56dce1b021 494596bd6eef3707a51e5c394adb08ba9b959b1d526cdd6be207332b816a8aee Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d44.036468514660484&2d-71.13532879912749&2m2&1d44.05100401434589&2d-71.11516665440257&2u13&4sen-US&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&14b1&callback=_xdc_._5hjici&client=google-maps-embed&token=38189	2.3 kB	2023-03-11	2024-02-07
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d44.036468514660484&2d-71.13532879912749&2m2&1d44.05100401434589&2d-71.11516665440257&2u13&4sen-US&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&14b1&callback=_xdc_._5hjici&client=google-maps-embed&token=38189 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash a4997cd1c905e3724b4b0d92d103f220 62fc60af9f62f97b02f2fd072ee3f94a67d49bf1 939ea26b0817869e6f330f017ef2b816de6e70da3a17c983c727facfea5e4c45 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7s46ksix&10e1&11b0&callback=_xdc_._9hx7uw&client=google-maps-embed&token=67609	62 B	2023-03-11	2024-02-07
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7s46ksix&10e1&11b0&callback=_xdc_._9hx7uw&client=google-maps-embed&token=67609 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash 95ad3322c68d9f214694eba38ec6d8bc 06b193e3d05e2702f958b822a69df2a9568566f8 09b1a1bb8ad6db44da984d29f337009a84ad47518585f99f419772b8d685ca9b Loading...

	muddymoose.com/	2.2 kB	2023-03-11	2024-02-07
Pretty URL muddymoose.com/ IP 209.17.116.160 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:12:16 Last Seen2024-02-07 03:09:36 Times Seen3 Hash 5af7d8a31b39df8731cca2d7404e53ee a5e4f2943a95460630d40219a82b8fcbfb03c6e2 e442d9092257fb9ca4b315b8cc94cfddad3f60c1576f6fa19cfde5c80356a6c5 Loading...

HTTP Transactions (161)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7264
Expires: Wed, 30 Nov 2022 23:50:20 GMT
Date: Wed, 30 Nov 2022 21:49:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5899
Expires: Wed, 30 Nov 2022 23:27:35 GMT
Date: Wed, 30 Nov 2022 21:49:16 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3453
Cache-Control: max-age=135576
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:16 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:28:52 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

www.muddymoose.com/

209.17.116.160

301 Moved Permanently

175 B

URL HTTP/1.1
www.muddymoose.com/
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
175 B (175 bytes)
Hash
27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.1
Date: Wed, 30 Nov 2022 21:49:16 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://www.muddymoose.com/

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Z1TXZxYlGTttHa9Ae22jEzpIj5YUl67WY8b9Xm21OgN+saEDhoAEx3cU1/+GO9ExX/dicSD+gsRYFhlexR/GfQ==
x-amz-request-id: 6HHABGRM5V50FCAK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 21:45:23 GMT
age: 233
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 21:19:44 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1772
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 21:08:56 GMT
cache-control: public,max-age=3600
age: 2420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.netsolssl.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.netsolssl.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
5bb54532af80964c4a12c1f5f924ccd7
47c74a1473e7c2a86802f4c7fce8fd54a83a5486
b078aded5d04f283748eaf963bfba797783a1e4ea3300d21424c5082562c06b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 03:47:53 GMT
Expires: Tue, 06 Dec 2022 03:47:52 GMT
Etag: "47c74a1473e7c2a86802f4c7fce8fd54a83a5486"
Cache-Control: max-age=452915,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726cac2ed82b4e8-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3440
Cache-Control: max-age=130495
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:16 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:04:11 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.69.31

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.69.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5eJwemnsLF0h/4klP07WIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BHK7tvwdrKDXAwu5roDVZvwFW5U=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:49:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 86187
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10958 bytes)
Hash
777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 84746
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9330 bytes)
Hash
bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 85704
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7298 bytes)
Hash
e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 85973
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5785 bytes)
Hash
59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 85232
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:55:46 GMT
age: 60812
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.muddymoose.com/

209.17.116.160

301 Moved Permanently

0 B

URL HTTP/2
www.muddymoose.com/
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:19 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://muddymoose.com/
x-powered-by: PHP/7.0.33
x-pingback: https://muddymoose.com/xmlrpc.php
x-redirect-by: WordPress
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
X-Firefox-Spdy: h2

muddymoose.com/wp-content/plugins/bb-plugin/css/yui3.css?ver=2.4.2.4

209.17.116.160

200 OK

458 B

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/css/yui3.css?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
ASCII text, with very long lines (320)
Size
458 B (458 bytes)
Hash
03239bd8d53fe79e8bd42196c0bff2b2
e4342c2e287451b0282d5104d8aa5eeebfa34f37
75eaf8646506bf8fd202570dfc8bdc48fa2b35c526135e66c7a2dd15c8aa1fc0

HTTP Headers

GET /wp-content/plugins/bb-plugin/css/yui3.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
content-length: 458
last-modified: Fri, 02 Jul 2021 01:47:40 GMT
etag: "1ca-5c61a24133fc8"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4

209.17.116.160

200 OK

731 B

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
ASCII text, with very long lines (479)
Size
731 B (731 bytes)
Hash
97669983f6540f2badeef6ab07e5b637
b6f0084f6747da64cf24334b2c0027e57cbf7f23
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
content-length: 731
last-modified: Fri, 02 Jul 2021 01:47:48 GMT
etag: "2db-5c61a24982749"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ed999db91146cdfd9ac1d178ffd7b6ab
f4be7104633c84b1e170f20426671e0c9d649bbb
3ce4d863b27cdec31929e8fe8935c1f8fd15f6b1e8cb1a26d14d87360c0fe9e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CE4D863B27CDEC31929E8FE8935C1F8FD15F6B1E8CB1A26D14D87360C0FE9E5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6254
Expires: Wed, 30 Nov 2022 23:33:37 GMT
Date: Wed, 30 Nov 2022 21:49:23 GMT
Connection: keep-alive

www.acint.net/aci.js

193.3.184.137

200 OK

7.5 kB

URL HTTP/2
www.acint.net/aci.js
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
ASCII text, with very long lines (1408)
Size
7.5 kB (7461 bytes)
Hash
ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Thu, 01 Dec 2022 09:49:23 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/2020/04/tripadvisor-logo-6939149F8F-seeklogo.com_.png

209.17.116.160

200 OK

10 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/2020/04/tripadvisor-logo-6939149F8F-seeklogo.com_.png
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
PNG image data, 300 x 139, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10470 bytes)
Hash
67d280936024173b79dbc7fd1f7c36ea
c529a76af6fefef4767a41b6f04b4995874d88eb
027638bdd31466b2f8c5790ff7e15e1e183a346f0e499d3d422aae9b2fa531c1

HTTP Headers

GET /wp-content/uploads/2020/04/tripadvisor-logo-6939149F8F-seeklogo.com_.png HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/png
content-length: 10470
last-modified: Mon, 13 Apr 2020 19:41:59 GMT
etag: "28e6-5a33146c570d1"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/2020/04/download-1-300x156.jpg

209.17.116.160

200 OK

6.6 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/2020/04/download-1-300x156.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x156, components 3\012- data
Size
6.6 kB (6552 bytes)
Hash
322ef593808e71f6a4dfb3c2dcac1f70
16c6b64f457cd950564a418224473d29ea97889c
a1bd536a0f18323eba9be564e8a3532dd58d3be12919d3356d9043d9beeb9588

HTTP Headers

GET /wp-content/uploads/2020/04/download-1-300x156.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 6552
last-modified: Mon, 13 Apr 2020 19:41:22 GMT
etag: "1998-5a3314494a615"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.acint.net/hit/?v=0.4.0&uid=7858a0b2-8708-4ec0-8946-921761be34c5&dp=10&tz=%2B00%3A00&nc=68241308&u=https%3A%2F%2Fmuddymoose.com%2F&r=&rs=1280x1024&t=Muddy%20Moose%20%E2%80%93%20Restaurant%20%26%20Pub&oE=1&oP=1&dT=2022-11-30T21%3A49%3A22.493&fu=29ec144b-380a-404a-a7e7-043a5c5a4df4

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.4.0&uid=7858a0b2-8708-4ec0-8946-921761be34c5&dp=10&tz=%2B00%3A00&nc=68241308&u=https%3A%2F%2Fmuddymoose.com%2F&r=&rs=1280x1024&t=Muddy%20Moose%20%E2%80%93%20Restaurant%20%26%20Pub&oE=1&oP=1&dT=2022-11-30T21%3A49%3A22.493&fu=29ec144b-380a-404a-a7e7-043a5c5a4df4
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.4.0&uid=7858a0b2-8708-4ec0-8946-921761be34c5&dp=10&tz=%2B00%3A00&nc=68241308&u=https%3A%2F%2Fmuddymoose.com%2F&r=&rs=1280x1024&t=Muddy%20Moose%20%E2%80%93%20Restaurant%20%26%20Pub&oE=1&oP=1&dT=2022-11-30T21%3A49%3A22.493&fu=29ec144b-380a-404a-a7e7-043a5c5a4df4 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10

193.3.184.137

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 30-Nov-22 21:59:23 GMT
aid=fwAAAWOHz+OaugNNk6IjAqcfbKCM50J1BgWCmwy8kyjPHqZc; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/2020/04/muddy-moose-color-logo.png

209.17.116.160

200 OK

43 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/2020/04/muddy-moose-color-logo.png
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
PNG image data, 144 x 151, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42688 bytes)
Hash
4f1869482a208a03be4a58c9a3243bdf
174ea6ee08e2886dcf398590e429e0821fba5064
9d381969a6ee5e611761e3d3a07af435adb573e96d8f0b19c571ed980c4a1cb6

HTTP Headers

GET /wp-content/uploads/2020/04/muddy-moose-color-logo.png HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/png
content-length: 42688
last-modified: Mon, 13 Apr 2020 19:41:59 GMT
etag: "a6c0-5a33146c2bd79"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/2013/11/creditcards.jpg

209.17.116.160

200 OK

19 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/2013/11/creditcards.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 250x46, components 3\012- data
Size
19 kB (19275 bytes)
Hash
357402e31dbce632e4f4edd0ac24b70f
5d41d4f23b1048c24b006b0da010806f7a473f8c
5bc3c559ecebedc8b596fc599257158f5bc5db0efae28144790a4836fb88bbf1

HTTP Headers

GET /wp-content/uploads/2013/11/creditcards.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 19275
last-modified: Mon, 13 Apr 2020 19:40:59 GMT
etag: "4b4b-5a331432fe9de"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic31-150x150-circle.jpg

209.17.116.160

200 OK

8.9 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic31-150x150-circle.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
8.9 kB (8858 bytes)
Hash
260f86ac063559fe0f6bfd992702efe4
1e90f9795d9977114b5aa8f0c4c2c0fe0342532a
0bb69cfcc6ab23dc3945be0eefe0152f13d3cd171e4fb6c4e0c0fb3537db279a

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/mmpic31-150x150-circle.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 8858
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: "229a-5e84038ac36a4"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic24-150x150-circle.jpg

209.17.116.160

200 OK

9.0 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/bb-plugin/cache/mmpic24-150x150-circle.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
9.0 kB (9044 bytes)
Hash
610cffbb26c487bd89ff9eebf0399f56
0995a344d36a1cebe00141dc48c5c8d36f38fd88
5245014d7c51ea6f5006e1ef102c894bc7bfd37f8c96b5a8e468b3a8782c2c9f

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/mmpic24-150x150-circle.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 9044
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: "2354-5e84038acea37"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/2013/11/breakfor.jpg

209.17.116.160

200 OK

24 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/2013/11/breakfor.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 300x170, components 3\012- data
Size
24 kB (23867 bytes)
Hash
f75850c549ccd787a60a8c44d34a7cc6
71a78689b2e8e32ee6c8fab5971d49f64cbaf851
d8c77a1efe6959cce79550e5b62bde408ec34118060898ce2ccbb1fc4082fdf6

HTTP Headers

GET /wp-content/uploads/2013/11/breakfor.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 23867
last-modified: Mon, 13 Apr 2020 19:40:59 GMT
etag: "5d3b-5a331432f6518"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google.com/maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8

142.250.74.164

200 OK

912 B

URL HTTP/2
www.google.com/maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1538)
Size
912 B (912 bytes)
Hash
e75eceb3e895f732f11f79a8f17a5fa9
ec20dde54c429c2c69598c83df5e34d4970b3a2f
fc6f8169ad7be27e3d4b4743b8c27442514b0b202b43d6638679c2a34dc4aa9f

HTTP Headers

GET /maps/embed/v1/place?q=2344+White+Mountain+Hwy%2C+North+Conway%2C+NH+03860&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://muddymoose.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Language, Origin, X-Origin, Referer
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-FPvChmHUvIhFPRmqcg2KEg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Wed, 30 Nov 2022 21:49:23 GMT
server: scaffolding on HTTPServer2
content-length: 912
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/bb-plugin/cache/1df7b665cf3bfc4f015aa5243d6df4707587aac9e4105d0c3d94b1c46ebda82e-150x150-circle.jpg

209.17.116.160

200 OK

6.7 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/bb-plugin/cache/1df7b665cf3bfc4f015aa5243d6df4707587aac9e4105d0c3d94b1c46ebda82e-150x150-circle.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
6.7 kB (6725 bytes)
Hash
29010afd0736bd678973c4b3e3acbb24
222db7dd65274ce0a9cda90d4c0612cb4b6226b0
f5742254801350d6e5278c98735b98337a347d3c59e500ecbe9c26c0a0a20143

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/1df7b665cf3bfc4f015aa5243d6df4707587aac9e4105d0c3d94b1c46ebda82e-150x150-circle.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 6725
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: "1a45-5e84038ac9075"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/wp-includes/js/imagesloaded.min.js?ver=5.4.12

209.17.116.160

200 OK

3.4 kB

URL HTTP/2
muddymoose.com/wp-includes/js/imagesloaded.min.js?ver=5.4.12
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
data
Size
3.4 kB (3357 bytes)
Hash
c9213aee21077360bf50e0b8b57aed49
8025fab7e61e4fdfa82d5dec2545e46de7fda185
930b6c17cc323f70e4faafabda58b99353e0fcaceb4e1d341b39b4b520b2e135

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:47 GMT
etag: W/"1fd4-5a331499c5aba"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

muddymoose.com/

209.17.116.160

200 OK

7.5 kB

URL HTTP/2
muddymoose.com/
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1902)
Size
7.5 kB (7525 bytes)
Hash
cfcede1ec638a54e271153fb626aedca
e1520ce1863f3272e77462e043eaa8013a148d7e
7dd93db344948922f46a1af48332a558017c2c8b089993308753bc19a186314d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
x-pingback: https://muddymoose.com/xmlrpc.php
link: <https://muddymoose.com/wp-json/>; rel="https://api.w.org/", <https://muddymoose.com/>; rel=shortlink
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a378e3cc6029dde181c06e0e0568cfa5
0eedaf829e2aa8ed4515963f324fda6ce6c1a024
00c029ae05bbc62c592d0aa39980d2143aa880833cbda0cf89301c2d7b790897

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00C029AE05BBC62C592D0AA39980D2143AA880833CBDA0CF89301C2D7B790897"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9258
Expires: Thu, 01 Dec 2022 00:23:42 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

muddymoose.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12

209.17.116.160

200 OK

86 kB

URL HTTP/2
muddymoose.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
data
Size
86 kB (85540 bytes)
Hash
b9dadd3db9bdbf733c68372c14687ea1
0614e74e925b778c3c65e592d8d6ea2a654e3809
176ef0e9a6bd479e0ab38a387f282bbb32a4d72cd0e7348f589384bb6ae59b92

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 10:01:42 GMT
etag: W/"363c-5bffff34695bf"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

dm-eu.hybrid.ai/match?id=106&vid=0100007FE3CF87634D03BA9A0221A293

37.18.103.16

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=0100007FE3CF87634D03BA9A0221A293
IP
37.18.103.16:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=391453b84602bd370541; Expires=Thu, 30 Nov 2023 21:49:23 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6af0e1fdb65f3cc3718b99bead1f9b5b
5258190d223960ce20e8456ee26ef2d3b0cd9f0a
e07851e40a79d50ea3b23979d38ee080900cf0d28098457353dc940e034137d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E07851E40A79D50EA3B23979D38EE080900CF0D28098457353DC940E034137D9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Thu, 01 Dec 2022 00:03:40 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

muddymoose.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

209.17.116.160

200 OK

4.8 kB

URL HTTP/2
muddymoose.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
data
Size
4.8 kB (4809 bytes)
Hash
9d8fb36ae902b5c32434411fdda70786
84955e24aa2ea7bb974855707f5eaef9447b7ae9
a2ecbc29c1c48e3c077bded5533af3033d6ad413f3270ac9491d821f57572e93

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:48 GMT
etag: W/"2748-5a33149a89f5a"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb70f2b49102d0dbba09a0645173612d
ba3b4186dccf12f16ac6bbeee4328708ba0e3a72
a3e17a5b5b580d0b1248f49ff41c1266c60d6eac80c9ed63c81bd35ecf8f78d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3E17A5B5B580D0B1248F49FF41C1266C60D6EAC80C9ED63C81BD35ECF8F78D8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13272
Expires: Thu, 01 Dec 2022 01:30:36 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be716dad2ada48944da6df3841eafeb8
3b95a6e57f7dab8ea8ffc76745d01acc38c151ce
c1d22e713d8a7a1228de17f230af48e6a1441f7a067783e6f4b9a03bb375f33e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1D22E713D8A7A1228DE17F230AF48E6A1441F7A067783E6F4B9A03BB375F33E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6878
Expires: Wed, 30 Nov 2022 23:44:02 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

muddymoose.com/wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4

209.17.116.160

200 OK

31 kB

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
data
Size
31 kB (31320 bytes)
Hash
018d240fb03e5d72d9e1886c1640e96c
cc6f11dd47ac3a31d1196d7b6c079855891b23df
4b41ee2ab94c6556b43277473c2624266eeeaea92191b291aa635576bd8de2ee

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/fl-slideshow.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:49 GMT
etag: W/"190f7-5c61a249b72ee"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cac131d4ffb2a7c985e665c9893492f3
0d1547dacf457b818499bc789b454627173f088e
49e53f1eab25176d5890ef7034fbfe14a6bcceafbaf71a54f744c68109a1087b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49E53F1EAB25176D5890EF7034FBFE14A6BCCEAFBAF71A54F744C68109A1087B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12346
Expires: Thu, 01 Dec 2022 01:15:10 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

0 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 30 Nov 2022 21:49:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=SFDSOUEI
Set-Cookie: uid=SFDSOUEI; Expires=Thu, 01 Dec 2032 00:00:00 GMT; mf2=1; Expires=Sat, 31 Dec 2022 00:00:00 GMT;

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.214

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.214:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1603420AE4CF87630800615D02E16B7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDFmOHz+RdYQAIfWvhArg81VUPwOiapE7T05sEnka5PVPJ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293

78.46.100.125

302 Found

0 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293
IP
78.46.100.125:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT; SameSite=None; Secure
uid-legacy=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1
X-Firefox-Spdy: h2

sync.republer.com/match?dsp=sape

23.88.82.46

204 No Content

0 B

URL HTTP/2
sync.republer.com/match?dsp=sape
IP
23.88.82.46:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

muddymoose.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

209.17.116.160

200 OK

40 kB

URL HTTP/2
muddymoose.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
data
Size
40 kB (39902 bytes)
Hash
e807a9dde694386d580353540c726a6c
98705fc9dac5d33ef02b413e36fe582d7e56e719
d645608903dca184de572a65f694057c25fd7af8c32d87a52e43bd5587b161b4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:48 GMT
etag: W/"17a69-5a33149b0060a"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

ut.rktch.com/matchspm?pi=1000005&pui=0100007FE3CF87634D03BA9A0221A293

89.108.97.2

302 Found

0 B

URL HTTP/1.1
ut.rktch.com/matchspm?pi=1000005&pui=0100007FE3CF87634D03BA9A0221A293
IP
89.108.97.2:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /matchspm?pi=1000005&pui=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=7b8e4e1abee8289793e6c2572d91de10b29d; Max-Age=2592000; Expires=Fri, 30 Dec 2022 21:49:24 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6b9efc56a5c83007514905bc0fbb010e
9133a19f469b8cc3d2fb36399c0955554b0fe1da
d0c5cd5deea1f0b5e77402c785309b5088f732f05ddb5a2ef90f66541c4f0aa5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:41:02 GMT
Expires: Tue, 06 Dec 2022 15:41:01 GMT
Etag: "9133a19f469b8cc3d2fb36399c0955554b0fe1da"
Cache-Control: max-age=495696,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726caf21f7bb505-OSL

stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293

109.248.237.37

302 Found

0 B

URL HTTP/2
stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
IP
109.248.237.37:0
ASN
#201009 Centre of server systems Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9769e2a53532bb8b5c5c80cb1082693b
9a010d35c1889ce7f705a595e9a958b41d652780
fccc7f3f9e20887c0121de115349c0d795c053504c79c0f37c9f072b7e1d8240

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2645
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Last-Modified: Wed, 30 Nov 2022 21:05:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
6ae6fbfa7ddaa9a503215f41ebd4c685
3f0df12eae694413fdccf34b08ccbc0b13e6b5cf
a01b2e4931ae411967e0a539662709883cfd3780476c9a6b1c77731d0395c329

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 04 Dec 2022 17:47:58 GMT
ETag: "3f0df12eae694413fdccf34b08ccbc0b13e6b5cf"
Last-Modified: Wed, 30 Nov 2022 17:47:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2852
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf27934b521-OSL

www.acint.net/match?dp=129&euid=vs1p2wpl81

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=vs1p2wpl81
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=vs1p2wpl81 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.dmp.otm-r.com/match/sape?id=0100007FE3CF87634D03BA9A0221A293

194.55.244.179

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=0100007FE3CF87634D03BA9A0221A293
IP
194.55.244.179:0
ASN
#34959 Kviktel LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.23.2
date: Wed, 30 Nov 2022 21:49:24 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

s.uuidksinc.net/match/396/?remote_uid=0100007FE3CF87634D03BA9A0221A293

31.220.27.134

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=0100007FE3CF87634D03BA9A0221A293
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=EksMVDd2SMcDV9vqP6XV
set-cookie: jcsuuid=EksMVDd2SMcDV9vqP6XV; expires=Thu, 30 Nov 2023 21:49:24 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.acint.net/match?dp=95&euid=SFDSOUEI

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=SFDSOUEI
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=SFDSOUEI HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

muddymoose.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12

209.17.116.160

200 OK

9.5 kB

URL HTTP/2
muddymoose.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
ASCII text, with very long lines (28088)
Size
9.5 kB (9524 bytes)
Hash
dd45ab09383d8ece86bd2e2ce9a53c23
33f44eecac0826edea9fe9c305eb81e47600eae8
bc5fcb371f2b295548e793a642bb43bfae65137c396e3c96b9818cad523fced3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 29 Apr 2020 22:02:30 GMT
etag: W/"d159-5a4751abb368e"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a51bed3d90e4059a74ba9368573a2147
a3435cd6360fff30efb00edf9867583870965d5e
df8bc13f0a8eaa6496dafa686c74add64ea7356acfd00788920a86a9bc02e273

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8BC13F0A8EAA6496DAFA686C74ADD64EA7356ACFD00788920A86A9BC02E273"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12331
Expires: Thu, 01 Dec 2022 01:14:55 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.css?ver=a7904b60096de2d1d2fe78a40934634d

209.17.116.160

200 OK

6.2 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.css?ver=a7904b60096de2d1d2fe78a40934634d
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
ASCII text, with very long lines (29342), with no line terminators
Size
6.2 kB (6195 bytes)
Hash
f7f784d11d62987a9d8ffb91a04fdd7a
1a70a320b51e26035b9e0e2a9268e288c35a8012
1529019624a83352415383a8332076d737581e94c01419eb9e6670a7603525ef

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/7-layout.css?ver=a7904b60096de2d1d2fe78a40934634d HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: W/"729e-5e84038a44772"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1

78.46.100.125

200 OK

35 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1
IP
78.46.100.125:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FE3CF87634D03BA9A0221A293&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=dab5eef1-70f8-11ed-8677-901b0e934d81
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT; SameSite=None; Secure
uid-legacy=dab5eef1-70f8-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 21:49:24 GMT
X-Firefox-Spdy: h2

acint.net/match?dp=14&euid=1603420AE4CF87630800615D02E16B7D

193.3.184.137

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=1603420AE4CF87630800615D02E16B7D
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=1603420AE4CF87630800615D02E16B7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

116.202.236.171

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
116.202.236.171:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
42151893e71634bac6d6635a388056f6
60b3b797b701afbab0f88efac90dda255cec6e96
7ac868a26812ca37596d28f7ca5049cbaa42859890a5d38ae76bccd66ff9a271

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64
serverid: TODO
X-Firefox-Spdy: h2

0100007fe3cf87634d03ba9a0221a293-sp.ops.beeline.ru/p?ssp=sp&id=0100007FE3CF87634D03BA9A0221A293

37.9.245.57

301 Moved Permanently

0 B

URL HTTP/2
0100007fe3cf87634d03ba9a0221a293-sp.ops.beeline.ru/p?ssp=sp&id=0100007FE3CF87634D03BA9A0221A293
IP
37.9.245.57:0
ASN
#16345 PVimpelCom

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: 0100007fe3cf87634d03ba9a0221a293-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=98249774-50a1-455e-901f-7d8d8a8db5f5; expires=Tue, 21 Nov 2023 21:49:24 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.32
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

142.250.74.74

200 OK

56 kB

URL HTTP/2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2469)
Size
56 kB (56247 bytes)
Hash
ae982bda467166cfab5d71a97e24ef33
da59be6fc15e9ee90cf86529a56ae4f53ab33cfb
12a3d40d1606dad192f6633ab51d725042acb8d79cf821a76d21631fc65639c7

HTTP Headers

GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56247
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=12
date: Wed, 30 Nov 2022 21:27:46 GMT
expires: Wed, 30 Nov 2022 21:57:46 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/check?sspuid=0100007FE3CF87634D03BA9A0221A293

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/check?sspuid=0100007FE3CF87634D03BA9A0221A293
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape

mediatoday.ru/core/match.gif?s=32&id=0100007FE3CF87634D03BA9A0221A293

139.45.228.100

200 OK

43 B

URL HTTP/2
mediatoday.ru/core/match.gif?s=32&id=0100007FE3CF87634D03BA9A0221A293
IP
139.45.228.100:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /core/match.gif?s=32&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUzUNWocIPbd45D; expires=Sat, 27-Nov-2032 21:49:24 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sap1&s_data=CAIQARjkn5-cBmIgMDEwMDAwN0ZFM0NGODc2MzREMDNCQTlBMDIyMUEyOTOiARDav_cucPgR7asVACWQyCQ3

31.172.81.160

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARjkn5-cBmIgMDEwMDAwN0ZFM0NGODc2MzREMDNCQTlBMDIyMUEyOTOiARDav_cucPgR7asVACWQyCQ3
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARjkn5-cBmIgMDEwMDAwN0ZFM0NGODc2MzREMDNCQTlBMDIyMUEyOTOiARDav_cucPgR7asVACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 21:49:24 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

acint.net/match?dp=110&euid=093bcf05fa264c919979a0c737a2d3fb

193.3.184.137

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=093bcf05fa264c919979a0c737a2d3fb
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=093bcf05fa264c919979a0c737a2d3fb HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=0100007FE3CF87634D03BA9A0221A293

23.88.12.14

200 OK

44 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0100007FE3CF87634D03BA9A0221A293
IP
23.88.12.14:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

HTTP Headers

GET /sape/cm?user_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=b1ef5401-1a7d-45d8-9bcd-0ea5a81feb65; domain=.bidderstack.com; path=/; expires=Thu, 30-Nov-2023 21:49:24 GMT;
Access-Control-Allow-Credentials: true

www.acint.net/match?dp=127&euid=EksMVDd2SMcDV9vqP6XV

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=EksMVDd2SMcDV9vqP6XV
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=EksMVDd2SMcDV9vqP6XV HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

176.9.8.252

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
176.9.8.252:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1669844964247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=5e71de10-948a-45f3-a9d9-491cf1b27881;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=5e71de10-948a-45f3-a9d9-491cf1b27881;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

muddymoose.com/wp-content/plugins/bb-plugin/css/fl-slideshow.min.css?ver=2.4.2.4

209.17.116.160

200 OK

2.1 kB

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/css/fl-slideshow.min.css?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
ASCII text, with very long lines (9623), with no line terminators
Size
2.1 kB (2143 bytes)
Hash
b9e7e9b67eb7c3432ddfde220a9e96a3
d7f4e38f9868f4c424f5047c4a23e802db945dce
18e8f4f965c986de519672d7f72bff099960a8ac9c0044c9662ca63944a687da

HTTP Headers

GET /wp-content/plugins/bb-plugin/css/fl-slideshow.min.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:40 GMT
etag: W/"2597-5c61a241389e5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f42124f2ea5983e6f12ef55ec5663bae
400804fa4f63a3400afb61f14687414a2c795ce1
ff2f35f7c00e329aa04725c12e30c10c36fb9e1f48386f91a8c15e2cd1a34643

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF2F35F7C00E329AA04725C12E30C10C36FB9E1F48386F91A8C15E2CD1A34643"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13127
Expires: Thu, 01 Dec 2022 01:28:11 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

sync.bumlam.com/?src=sape

31.172.81.160

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 21:49:24 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.acint.net/match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=8f433a8f-d302-406f-59ae-0c4d312f5f64 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=111&euid=98249774-50a1-455e-901f-7d8d8a8db5f5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293

167.235.32.7

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293
IP
167.235.32.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6fd105d27beebbe7df8ca8ae6eaabf91
8b1b23b1c6c117c8b8093b64c04d3f0e1ba114f5
7e8dcea46878a1b704a1e086b299fc17586264d8b4f8f6c60112ead8a5667e24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E8DCEA46878A1B704A1E086B299FC17586264D8B4F8F6C60112EAD8A5667E24"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=673
Expires: Wed, 30 Nov 2022 22:00:37 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

pix.bumlam.com/sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=dabff72e-70f8-11ed-ab15-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com/?src=sape

www.acint.net/match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=5e71de10-948a-45f3-a9d9-491cf1b27881 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/2020/04/mmpic1-768x1024.jpg

209.17.116.160

200 OK

192 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/2020/04/mmpic1-768x1024.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x1024, components 3\012- data
Size
192 kB (191754 bytes)
Hash
c9702a5f187cbf9f0a0e9068a2fa7bca
ade4193ccbf4516bdef8e1fbd02a12b1b109e0cf
85b935c2ba0abf168ee94bf3a4707172a9b5600c2d581515dbbfe8c30e9012ea

HTTP Headers

GET /wp-content/uploads/2020/04/mmpic1-768x1024.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: image/jpeg
content-length: 191754
last-modified: Mon, 13 Apr 2020 19:41:23 GMT
etag: "2ed0a-5a331449ebc5d"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

muddymoose.com/favicon.ico

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/favicon.ico
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Cookie: fid=29ec144b-380a-404a-a7e7-043a5c5a4df4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 13 Apr 2020 19:37:48 GMT
etag: "0-5a33137c6307b"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=sp&uid=0100007FE3CF87634D03BA9A0221A293

23.111.107.44

301 Moved Permanently

0 B

URL HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=0100007FE3CF87634D03BA9A0221A293
IP
23.111.107.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=95f3567d-2185-4a7c-86a7-51d42879ab93
Set-Cookie: uuid=95f3567d-2185-4a7c-86a7-51d42879ab93; expires=Tue, 21 Nov 2023 21:49:24 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js

142.250.74.3

200 OK

69 kB

URL HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2669)
Size
69 kB (68704 bytes)
Hash
c088038bb01fdc7f15f21e2216b6b8b4
fa724c5616022f6825ac476354c492b0bf544d21
b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78

HTTP Headers

GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:52:12 GMT
expires: Thu, 30 Nov 2023 04:52:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
content-type: text/javascript
age: 61032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adlmerge.com/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293

95.211.66.35

200 OK

86 B

URL HTTP/2
adlmerge.com/merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293
IP
95.211.66.35:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
86 B (86 bytes)
Hash
cd01ca32a344e7529987fed41a31de69
4558538a8b95d32e8209cabc21462c0cbb8789e1
d243a8594bf956ada2c21d571ef312c61cbcbfc655b50efd1a55c11c2c4427a7

HTTP Headers

GET /merge_gpsid/?sid=50&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2

dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1

167.235.32.7

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1
IP
167.235.32.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=0100007FE3CF87634D03BA9A0221A293&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA
set-cookie: pid=NTY3ODgyZjY4MTU5OTViZA; expires=Thu, 30 Nov 2023 21:49:24 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
04544caa268aa7cccf11691396fd33fa
0fbc1ec62717acbd8e9a24f20905029cb1670987
fd24756e6773ec189e73523dcf58fc8ce3460d614faeac26b9140cc2afd7e557

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD24756E6773EC189E73523DCF58FC8CE3460D614FAEAC26B9140CC2AFD7E557"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10646
Expires: Thu, 01 Dec 2022 00:46:50 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com/?src=sape

82.146.53.26

302 Moved Temporarily

0 B

URL HTTP/1.1
dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com/?src=sape
IP
82.146.53.26:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: dabff72e-70f8-11ed-ab15-002590c82437.n4.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.65.187

302 Found

1.4 kB

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.65.187:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
1.4 kB (1414 bytes)
Hash
a068f2d8369d1a1f46b3626f6748bb16
7c6d69530107984181a0cdb31cdf58bcfdc8b664
de1945572eede0f5495faf774e105b5a9cfed25880867d138c38eaacb82915c8

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 30 Nov 2022 21:49:24 GMT
x-request-id: 55ea45a9-dd43-4ca4-b02e-2d8570f00021
set-cookie: bvuid=vs1p2wpl81; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=vs1p2wpl81; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=vs1p2wpl81
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
a068f2d8369d1a1f46b3626f6748bb16
7c6d69530107984181a0cdb31cdf58bcfdc8b664
de1945572eede0f5495faf774e105b5a9cfed25880867d138c38eaacb82915c8

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 04 Dec 2022 19:49:35 GMT
ETag: "7c6d69530107984181a0cdb31cdf58bcfdc8b664"
Last-Modified: Wed, 30 Nov 2022 19:49:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2754
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf58e9db521-OSL

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.49

302 Moved Temporarily

0 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.49:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5076541672; expires=Fri, 29 Nov 2024 21:49:24 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-PPh2NNA7qaAiGikw

142.250.74.130

200 OK

170 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-PPh2NNA7qaAiGikw
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
170 B (170 bytes)
Hash
e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

HTTP Headers

GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-PPh2NNA7qaAiGikw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
date: Wed, 30 Nov 2022 21:49:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
411d3ad688493b55b6bf08d4712e670f
0a6ae69196a293468b5348227cdd36ccebd918d2
a37b2dcd55d74baa6c3ea45657f6d9bcc8b0b02875dd7b48e4b50cbf3b2d3e87

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 04 Dec 2022 17:52:37 GMT
ETag: "0a6ae69196a293468b5348227cdd36ccebd918d2"
Last-Modified: Wed, 30 Nov 2022 17:52:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2552
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf5aed1b521-OSL

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FE3CF87634D03BA9A0221A293

81.222.128.215

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FE3CF87634D03BA9A0221A293
IP
81.222.128.215:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
c85ae5715c5dd3305628d7e290853c60
4051633741212c3e83cf57866b2986efc881d4c8
8aff49d37cd717175d4450a095b71e93ec964a2a3693922e7c0244a2488d32ae

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 04 Dec 2022 18:37:48 GMT
ETag: "4051633741212c3e83cf57866b2986efc881d4c8"
Last-Modified: Wed, 30 Nov 2022 18:37:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1441
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf5ff45b521-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5f9ec7b9a4f6f9f6e80876bb96d202e3
6cb872a2c7967b7b485d210acc5cc2b837b5a9f8
43ea672dcbd5bfd7f32f70380732dc897b68c5e2d8ac57f3d37cb343c6e37ba5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43EA672DCBD5BFD7F32F70380732DC897B68C5E2D8AC57F3D37CB343C6E37BA5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8569
Expires: Thu, 01 Dec 2022 00:12:13 GMT
Date: Wed, 30 Nov 2022 21:49:24 GMT
Connection: keep-alive

muddymoose.com/wp-content/uploads/2020/04/mmpic45-1024x768.jpg

209.17.116.160

200 OK

145 kB

URL HTTP/2
muddymoose.com/wp-content/uploads/2020/04/mmpic45-1024x768.jpg
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x768, components 3\012- data
Size
145 kB (144556 bytes)
Hash
2b64655b50e648410fa6ecb758234b2d
9d4d7661c6be689062a9d65c45113ae9b03db955
3d8a775aa3334a4f9b159d2c11f09c61cb1c8b9f70e1f87389d0eeb018100949

HTTP Headers

GET /wp-content/uploads/2020/04/mmpic45-1024x768.jpg HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Cookie: fid=29ec144b-380a-404a-a7e7-043a5c5a4df4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/jpeg
content-length: 144556
last-modified: Mon, 13 Apr 2020 19:41:53 GMT
etag: "234ac-5a33146655361"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=454190,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726caf5eec6b4f4-OSL

pix.bumlam.com/sync/sape/done

31.172.81.172

200 OK

43 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkYWJmZjcyZS03MGY4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
7dcecaac2cc647c3c9371ddf6c6ff760
7fb0fe4fc8c67c92d229d6df070f61914945e9b6
b08688f159bd765d5bcdf55ff073b9f598ca26d6514e58e0be3d99870cef49a1

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 04 Dec 2022 20:59:43 GMT
ETag: "7fb0fe4fc8c67c92d229d6df070f61914945e9b6"
Last-Modified: Wed, 30 Nov 2022 20:59:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 326
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf64f5ab4f4-OSL

tag.digitaltarget.ru/adcm.js

185.15.175.145

200 OK

3.1 kB

URL HTTP/1.1
tag.digitaltarget.ru/adcm.js
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Wed, 30 Nov 2022 21:34:07 GMT
Connection: keep-alive
ETag: "6387cc4f-beb"
Accept-Ranges: bytes

ad.mail.ru/cm.gif?p=48&id=0100007FE3CF87634D03BA9A0221A293

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=0100007FE3CF87634D03BA9A0221A293
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=3YhbTb3Fu62E002Byw1_W3YE:::0-0-0-8a228a4:CAASECgYjtS96u_o5ozz1QWloJ0aYDWcoXTWxmC77s9FxBAG6Hvql7AKjBt4bNhPgp8rFoE9u-ki8GWwWd4U6FNJuOXi3lTVtEEG3_tVI8VOIOHQ0QnW7jSksPubD1cZLFA_ga8VqMbqdGV5fbXX546cGu3GbA; path=/; expires=Fri, 01-Dec-23 21:49:24 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 01 Dec 2022 03:49:24 GMT
cache-control: max-age=21600
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293

77.88.21.90

302 Found

492 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293
IP
77.88.21.90:0
ASN
#13238 YANDEX LLC

File type
data
Size
492 B (492 bytes)
Hash
ed1aff791b0099a8ad461ddf339f79ed
d677e4afe79e0bca4924f5f2aafff91d2a574196
118d0cc44d94e15e821799f06e127f2689b6f739f0e21721dc3dc2a5d8b9605c

HTTP Headers

GET /mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1
date: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: yandexuid=8432908741669844964; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 21:49:24 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 21:49:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=28302b66-4f87-524f-9238-3ff2f1bff017; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5QACNmj4-jZz70HOc4f8nqQLNEFPEmB_Tw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

200 OK

0 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: close

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2e6727238eddf2dbc0c32a99b17a8f24
a7fe53809acbed028ceb25f3bbc1fc174eac3eff
d01e92f3492460eb71ec1133efc65c042ea3b90bfeebbc97b3cd9acb4398d2f1

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4732
Cache-Control: max-age=92185
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Etag: "63868281-1d7"
Expires: Thu, 01 Dec 2022 23:25:49 GMT
Last-Modified: Tue, 29 Nov 2022 22:06:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672

195.209.108.49

302 Moved Temporarily

40 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672
IP
195.209.108.49:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5076541672 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 29 Nov 2024 21:49:24 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
36005cf389f7a8c8ac2a34dbb51bda0a
d4a3788867e7eaa8422fda443b1d2e882d443cbc
897e5d004db6dbbdaf9662d2c3829c881efda0f5fc41acdb401b436cda544b33

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Dec 2022 19:42:36 GMT
ETag: "d4a3788867e7eaa8422fda443b1d2e882d443cbc"
Last-Modified: Wed, 30 Nov 2022 19:42:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 83
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7726caf6a83ab521-OSL

ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=0100007FE3CF87634D03BA9A0221A293&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
tuuid=1941311b-ad1c-524f-b87a-16e2dbfdd906; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5AAJpMCuJSzcZuOPc0jt8kokxncvW5toFw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

sape-sync.rutarget.ru/sync

45.9.26.83

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
45.9.26.83:0
ASN
#208677 Cloud technology Limited (Ltd.)

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=ORvOhxXaSjG9
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=ORvOhxXaSjG9; Path=/; Domain=.rutarget.ru; Expires=Mon, 29 May 2023 21:49:24 GMT; SameSite=None; Secure

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
cb4ce3d8de13973a6e1d5c083bf8f4bb
8f39db8d7c9f487d84ea69b11b779ebabcd15c27
5bec501284238586786df4a3da7f64a2d7b01a6d0391437ac12f62c1df4d311e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 20:21:36 GMT
Expires: Thu, 01 Dec 2022 20:21:36 GMT
ETag: "8f39db8d7c9f487d84ea69b11b779ebabcd15c27"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

193.3.184.137

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sm.rtb.mts.ru/p?ssp=sape&id=0100007FE3CF87634D03BA9A0221A293

217.66.147.41

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/p?ssp=sape&id=0100007FE3CF87634D03BA9A0221A293
IP
217.66.147.41:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sape&id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293
Set-Cookie: dspid=d5b17cac-c23b-4e92-bb7e-10a32792fe0f; expires=Tue, 21 Nov 2023 21:49:24 GMT; domain=.mts.ru; path=/; secure; SameSite=None

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=454190,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7726caf5bbceb505-OSL

redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect

35.190.24.218

302 Found

0 B

URL HTTP/2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
35.190.24.218:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: AFFICHE_W=yMCoOSqu0UbI36; expires=Thu, 28 Dec 2023 21:49:24 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.acint.net/match?dp=104&euid=ORvOhxXaSjG9

193.3.184.137

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=ORvOhxXaSjG9
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=ORvOhxXaSjG9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission; cSyncDp7v2=1669844963; cSyncDp14v3=1669844963; cSyncDp17=1669844963; cSyncDp32=1669844963; cSyncDp45v3=1669844963; cSyncDp53=1669844963; cSyncDp54v2=1669844963; cSyncDp62=1669844963; cSyncDp67v2=1669844963; cSyncDp68=1669844963; cSyncDp71=1669844963; cSyncDp77=1669844963; cSyncDp84=1669844963; cSyncDp85=1669844963; cSyncDp95v3=1669844963; cSyncDp101=1669844963; cSyncDp104v2=1669844963; cSyncDp107=1669844963; cSyncDp110=1669844963; cSyncDp111v2=1669844963; cSyncDp112v2=1669844963; cSyncDp125v2=1669844963; cSyncDp126=1669844963; cSyncDp127=1669844963; cSyncDp129=1669844963; cSyncDp136v2=1669844963; cSyncDp138=1669844963; cSyncDp146=1669844963; cSyncDp148=1669844963; cSyncDp149v2=1669844963; cSyncDp151=1669844963; cSyncDp178=1669844963; cSyncDp179=1669844963; cSyncDp186=1669844963; cSyncDp221=1669844963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293

81.222.128.215

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293
IP
81.222.128.215:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

tag.digitaltarget.ru/processor.js?i=901256768866222

185.15.175.145

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=901256768866222
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15897), with no line terminators
Size
16 kB (15897 bytes)
Hash
c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0

HTTP Headers

GET /processor.js?i=901256768866222 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Wed, 30 Nov 2022 21:34:08 GMT
Connection: keep-alive
ETag: "6387cc50-3e19"
Accept-Ranges: bytes

px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293

193.232.150.149

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293
IP
193.232.150.149:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 21:49:24 GMT
content-length: 0
x-backend-id: f16-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=uPcBq8620Jzb.AikABlGEyoQWWA;Path=/;Domain=.adhigh.net;Expires=Thu, 30-Nov-2023 21:49:24 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
tuuid=58953218-3a04-524f-9f70-d807fcf717e3; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5AAIZHC0o9JNrD3fJTPQt2BLoXfAlXny6g==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:24 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293

217.66.147.41

200 OK

0 B

URL HTTP/1.1
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293
IP
217.66.147.41:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/second?ssp=30&exu=0100007FE3CF87634D03BA9A0221A293 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:24 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827

35.190.24.218

204 No Content

0 B

URL HTTP/2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827
IP
35.190.24.218:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1008601827 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 21:49:24 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 21:49:25 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4

209.17.116.160

200 OK

8.6 kB

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
data
Size
8.6 kB (8609 bytes)
Hash
9737c53caca7d3732f4e43845bdcfb16
cb046455bf60c556b92bff863010336d6a9bb308
fa94d89e2af74be562608d903c977f43e5f5ccb93d4e25e522f62efdfdb62238

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:49 GMT
etag: W/"4eba-5c61a24995402"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=910cbf9e-c60d-524f-ab93-9dadc8145248; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4fP5QAA8jDnlSrZZIt4B0bVbicr1plwDnxpXg==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 21:49:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
cb4ce3d8de13973a6e1d5c083bf8f4bb
8f39db8d7c9f487d84ea69b11b779ebabcd15c27
5bec501284238586786df4a3da7f64a2d7b01a6d0391437ac12f62c1df4d311e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 20:21:36 GMT
Expires: Thu, 01 Dec 2022 20:21:36 GMT
ETag: "8f39db8d7c9f487d84ea69b11b779ebabcd15c27"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

muddymoose.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.12

209.17.116.160

200 OK

696 B

URL HTTP/2
muddymoose.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.12
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
ASCII text, with very long lines (1954), with no line terminators
Size
696 B (696 bytes)
Hash
504fa048b4187f1a65c6d50b24d080c2
41c2844bc9f3b2e5ea9886c280d5ee4016bac9f8
d550e2c95f1bf6fdf75504d0c357d81e47385d6381bc0f9988aa860d09f0bcf3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 13 Apr 2020 19:42:18 GMT
etag: W/"7a2-5a33147eac2c4"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1

193.232.150.149

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1
IP
193.232.150.149:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=0100007FE3CF87634D03BA9A0221A293&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:49:25 GMT
content-type: image/gif
content-length: 49
x-backend-id: f16-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b791e396b363c462c259e47f24d08e02
13f187bcacde8ed75da820ced57d0ebe5e8f3351
daac86ec5af86c6307b74075b1b158bf881957605a7234ce1c2306e8071e8547

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAAC86EC5AF86C6307B74075B1B158BF881957605A7234CE1C2306E8071E8547"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6460
Expires: Wed, 30 Nov 2022 23:37:05 GMT
Date: Wed, 30 Nov 2022 21:49:25 GMT
Connection: keep-alive

x01.aidata.io/0.gif?pid=9401454&id=0100007FE3CF87634D03BA9A0221A293&bounce=1

89.108.120.76

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=0100007FE3CF87634D03BA9A0221A293&bounce=1
IP
89.108.120.76:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=0100007FE3CF87634D03BA9A0221A293&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 21:49:25 GMT
expires: Wed, 30 Nov 2022 21:49:24 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: __upin=mOWhnlFOnnAg6vGNGCxSgg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669844965;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9051 bytes)
Hash
05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 86394
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.147

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.147:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=5g1OEVScb44z97R7ztRk; Max-Age=93312000; Expires=Fri, 14 Nov 2025 21:49:25 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.147

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.147:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=yYD.671co2RnXRF7jXc5; Max-Age=93312000; Expires=Fri, 14 Nov 2025 21:49:25 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.147

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.147:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1669844965162&i=837887356025310.438748135057166&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.147

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.147:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1669844965200&i=837887356025310.978222753717721&a=77&e=0100007FE3CF87634D03BA9A0221A293&pref=https%3A%2F%2Fmuddymoose.com%2F&c=ss:77.up:0100007FE3CF87634D03BA9A0221A293.sync:up.xdua:duig_gj5_bZ5puMpLZjV1L3h.xps:xpsO6D21J4_FU4TnTspx9owwL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 21:49:25 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 15
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
17 kB (17095 bytes)
Hash
3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 8131
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 8129
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

muddymoose.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.4

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:42 GMT
etag: W/"e7d0-5c61a243108cf"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

muddymoose.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.6.2

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.6.2
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/css/base.min.css?ver=1.7.6.2 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 28 May 2020 18:03:28 GMT
etag: W/"bd2a-5a6b9254e642b"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10&tc=1

193.3.184.137

200 OK

0 B

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
193.3.184.137:0
ASN
#50214 QWARTA LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Cookie: aid=fwAAAWOHz+OaugNNk6IhAm3EkA6kh04NObhwm5xrCR1MlRYJ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1669844963; expires=Thu, 01-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1669844963; expires=Wed, 14-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1669844963; expires=Wed, 14-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1669844963; expires=Wed, 14-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1669844963; expires=Thu, 15-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1669844963; expires=Fri, 30-Dec-22 21:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1

77.88.21.90

200 OK

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1
IP
77.88.21.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/0100007FE3CF87634D03BA9A0221A293?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 30 Nov 2022 21:49:24 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 21:49:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

muddymoose.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.6.2 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 28 May 2020 18:03:29 GMT
etag: W/"55d9-5a6b92554f3bf"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

muddymoose.com/wp-content/themes/muddymoose-child/muddymoose-styles.css?ver=1646687323

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/themes/muddymoose-child/muddymoose-styles.css?ver=1646687323
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/muddymoose-child/muddymoose-styles.css?ver=1646687323 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Mar 2022 21:08:43 GMT
etag: W/"3ff-5d9a744fbb100"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/bb-theme/skin-60de742810617.css?ver=1.7.6.2

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/uploads/bb-theme/skin-60de742810617.css?ver=1.7.6.2
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/bb-theme/skin-60de742810617.css?ver=1.7.6.2 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 02:04:24 GMT
etag: W/"e521-5c61a5fec6647"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

muddymoose.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.4

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:40 GMT
etag: W/"167e-5c61a24137a48"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA

77.88.21.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA
IP
77.88.21.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NTY3ODgyZjY4MTU5OTViZA?redir-setuniq=1
date: Wed, 30 Nov 2022 21:49:24 GMT
set-cookie: yandexuid=8765806421669844964; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 21:49:24 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 21:49:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 21:49:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

muddymoose.com/wp-includes/js/wp-embed.min.js?ver=5.4.12

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-includes/js/wp-embed.min.js?ver=5.4.12
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.4.12 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 10:01:42 GMT
etag: W/"592-5bffff3467670"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

muddymoose.com/wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/yui3.min.js?ver=2.4.2.4 HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 02 Jul 2021 01:47:49 GMT
etag: W/"3670e-5c61a249af60e"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a

209.17.116.160

200 OK

0 B

URL HTTP/2
muddymoose.com/wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a
IP
209.17.116.160:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/7-layout.js?ver=7d4a639a733668dbe3cdbf8b67b8fc6a HTTP/1.1
Host: muddymoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://muddymoose.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 30 Nov 2022 21:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Sep 2022 15:30:09 GMT
etag: W/"569e-5e84038a5f538"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations