Report - trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1

Report Overview

Submitted URL
trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1
IP
51.68.82.147
ASN
#16276 OVH SAS
Submitted
2024-05-07 07:16:12
Access
public
Website Title
Action Blocked!
Final URL
accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tuk.kutberg.com	unknown	unknown	No data	No data	581 B	1.5 kB	99.198.106.194
accuvisitor.com	unknown	2024-02-02	2024-02-02	2024-03-28	4.5 kB	79 kB	51.91.68.47
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.6 kB	50 kB	142.250.74.67
get.geojs.io	17418	2017-02-18	2017-03-30	2024-05-06	405 B	1.0 kB	172.67.70.233
trimbuilder.foundation	unknown	2024-04-08	2024-04-22	2024-04-22	1.1 kB	542 B	51.68.81.31
mediaservingoc.com	unknown	2024-02-21	2024-02-21	2024-03-26	725 B	639 B	95.217.42.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	469 B	57 kB	142.250.74.106
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-06	409 B	31 kB	151.101.194.137
wurfl.io	17880	2014-03-25	2014-04-09	2024-05-05	391 B	2.2 kB	13.50.181.252

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-06	medium	mediaservingoc.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf	170 B	2024-05-07	2024-05-07
Pretty URL accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf IP 51.91.68.47 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 09:16:19 Last Seen2024-05-07 09:16:19 Times Seen1 Hash e840f18f78551ffb8353c668c7791c33 b553800b2268dbd9093d8a28122ff1bdf3f8fa67 bb0fbeeccfbcca3ff4c460a983011f19311783fc3cdb34527c73b4c56e23725b Loading...

	get.geojs.io/v1/ip/country.js	82 B	2024-04-01	2024-05-19
Pretty URL get.geojs.io/v1/ip/country.js IP 172.67.70.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-01 17:56:42 Last Seen2024-05-19 12:09:00 Times Seen76 Hash bc6ee8470cd86e343324428608688d37 f1674eb6cd18dceb2bc3151e021d6cc97e7b1d9d 70f6e168492577b5f0ca28a9e982219df1aba2b134a49ab227033d6ff9f0beff Loading...

	accuvisitor.com/3p/script.js	2.0 kB	2024-02-25	2024-05-19
Pretty URL accuvisitor.com/3p/script.js IP 51.91.68.47 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 03:29:57 Last Seen2024-05-19 12:09:00 Times Seen168 Hash 8e8ad12b42350341e870a648dbfa1363 6a5ce0d03d3d8b244a4671a824131b19cbade987 252b35641180eb6f5ef167a3abf6dcef81b012f3d902cc0f46bb009fcd6451b5 Loading...

	code.jquery.com/jquery-3.7.1.min.js	88 kB	2023-08-31	2024-05-19
Pretty URL code.jquery.com/jquery-3.7.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03:19 Last Seen2024-05-19 15:39:58 Times Seen9791 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	unknown	6 B	2023-03-07	2024-05-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-03-07 13:46:59 Last Seen2024-05-19 12:09:00 Times Seen590 Hash e67906ab4373125a18eb2b5a75f59bd2 58ed4e16ee46029764b9e9faef0e08a6c2c3be5e c38ba39cea630681f6bdc6acc7eade251530622bc6f10dda7f1fd77af189a1df Loading...

	wurfl.io/wurfl.js	4.0 kB	2024-03-24	2024-05-19
Pretty URL wurfl.io/wurfl.js IP 13.50.181.252 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-24 12:36:23 Last Seen2024-05-19 12:09:00 Times Seen140 Hash 4e56ee18d87f62dc6297b5d332d1b081 63b4003113f47f2602ac99e828ebf7d615dac68f 2bf5cac174101bde02ebd7664e6dac3f41c3206a3aee299ca2153f4e96d5fd9e Loading...

HTTP Transactions (19)

URL IP Response Size

trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1

51.68.81.31

154 B

URL
trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1
IP
51.68.81.31:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
6413f9dc38ce131d60db208e7d81a40c
984ebde693bddfdee13b4b06a290b822abdc69ad
bf4d0c2fe5252a3e32908499c90a4da5f961c7a7d989c5ef37b406d145929f1b

HTTP Headers

GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1 HTTP/1.1
Host: trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 502 Bad Gateway
Date: Tue, 07 May 2024 07:15:45 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Cache-Control: no-transform

trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1

51.68.82.147

0 B

URL
trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1
IP
51.68.82.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7366136154111868987&website=15494-63fd842c&placement=15494&eyeg=1 HTTP/1.1
Host: trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 07 May 2024 07:15:45 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://2358ba28.persefone.top/rc/7edf752b35?pubid=pubid&affclick=8268424465742437334

mediaservingoc.com/click.php?key=glg0el5milh3xjhb2jhu&subid=M7366153007563538472&partner_id=20961&pid=20961-45b4929d-c0fb8912&campaign_id=9626e6&browser=Firefox&device=Mozilla+Firefox&app_name=unknown&geo=NO&carrier=NO+WiFi&pcid=9626e6_20961-45b4929d-c0fb8912&pg=20961-NO

95.217.42.163

302 Found

0 B

URL User Request GET HTTP/1.1
mediaservingoc.com/click.php?key=glg0el5milh3xjhb2jhu&subid=M7366153007563538472&partner_id=20961&pid=20961-45b4929d-c0fb8912&campaign_id=9626e6&browser=Firefox&device=Mozilla+Firefox&app_name=unknown&geo=NO&carrier=NO+WiFi&pcid=9626e6_20961-45b4929d-c0fb8912&pg=20961-NO
IP
95.217.42.163:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectmediaservingoc.com
Fingerprint5F:3A:2A:6B:6A:18:7A:54:45:E7:19:86:E9:B2:FD:20:A2:53:EC:C9
ValiditySun, 21 Apr 2024 19:41:20 GMT - Sat, 20 Jul 2024 19:41:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /click.php?key=glg0el5milh3xjhb2jhu&subid=M7366153007563538472&partner_id=20961&pid=20961-45b4929d-c0fb8912&campaign_id=9626e6&browser=Firefox&device=Mozilla+Firefox&app_name=unknown&geo=NO&carrier=NO+WiFi&pcid=9626e6_20961-45b4929d-c0fb8912&pg=20961-NO HTTP/1.1
Host: mediaservingoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.26.0
Date: Tue, 07 May 2024 07:15:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=17ikvc0; expires=Wed, 08-May-2024 07:15:46 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf; expires=Wed, 08-May-2024 07:15:46 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Strict-Transport-Security: max-age=31536000

tuk.kutberg.com/favicon.ico

99.198.106.194

1.2 kB

URL
tuk.kutberg.com/favicon.ico
IP
99.198.106.194:0
ASN
#32475 SINGLEHOP-LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tuk.kutberg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=5168919f&cid=pubd33c7878b99d4553aa92ce1d279d3560&2=pubid
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx
date: Tue, 07 May 2024 07:15:46 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 11 Aug 2023 10:37:02 GMT
etag: "64d60f4e-47e"
expires: Wed, 08 May 2024 07:15:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
accept-ranges: bytes

accuvisitor.com/3p/script.js

51.91.68.47

200 OK

2.0 kB

URL GET HTTP/3
accuvisitor.com/3p/script.js
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
assembler source, ASCII text
Size
2.0 kB (2029 bytes)
Hash
8e8ad12b42350341e870a648dbfa1363
6a5ce0d03d3d8b244a4671a824131b19cbade987
252b35641180eb6f5ef167a3abf6dcef81b012f3d902cc0f46bb009fcd6451b5

HTTP Headers

GET /3p/script.js HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 2029
last-modified: Tue, 06 Feb 2024 10:52:54 GMT
etag: "65c20f86-7ed"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

accuvisitor.com/3p/style.css

51.91.68.47

200 OK

3.8 kB

URL GET HTTP/3
accuvisitor.com/3p/style.css
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
ASCII text
Size
3.8 kB (3774 bytes)
Hash
4fab41811a8c6b717a86f86ab4de0105
06a085af05ca6879b83eac1498eead0ceddaadac
8cc56e01ec04772b51e8d8a3f8e0cb740a44a501c992a37b10515001cef94d4c

HTTP Headers

GET /3p/style.css HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: text/css
content-length: 3774
last-modified: Fri, 02 Feb 2024 21:21:55 GMT
etag: "65bd5cf3-ebe"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

accuvisitor.com/3p/images/logo.png

51.91.68.47

200 OK

3.2 kB

URL GET HTTP/3
accuvisitor.com/3p/images/logo.png
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Size
3.2 kB (3210 bytes)
Hash
15a34b8fc618b2d90712f47874c211cc
d1d998d74f30c2b5344de2f9f3f3ef4ac2fe03bb
3be024377b052ad72a32aa5de6eabbddf6fd4168d4579cc865c872d8e57fca36

HTTP Headers

GET /3p/images/logo.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: image/png
content-length: 3210
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-c8a"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

accuvisitor.com/3p/images/check.png

51.91.68.47

200 OK

2.6 kB

URL GET HTTP/3
accuvisitor.com/3p/images/check.png
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Size
2.6 kB (2649 bytes)
Hash
c0879fd8363b5549b2ed0cec9b042b3b
abeba0b0e5727a368e6bc963aecad9da8ec6f341
7879caae870090c87c28a02d608dd25d1988b6887c30f5ea99a3777964d905f5

HTTP Headers

GET /3p/images/check.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: image/png
content-length: 2649
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-a59"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

accuvisitor.com/3p/images/arrow.png

51.91.68.47

200 OK

2.9 kB

URL GET HTTP/3
accuvisitor.com/3p/images/arrow.png
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Size
2.9 kB (2938 bytes)
Hash
d190208ba37115f53c9a9057a130fcf3
5019f7d77731be18d40c89b746a247af4eb91853
25da48f054c6205c8c98783dcf2ca52813c0448180f5313fd17c95604d2ab901

HTTP Headers

GET /3p/images/arrow.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: image/png
content-length: 2938
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-b7a"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

code.jquery.com/jquery-3.7.1.min.js

151.101.194.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.7.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30336 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /jquery-3.7.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-155ed"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 07 May 2024 07:15:47 GMT
age: 923943
x-served-by: cache-lga21978-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 5, 176035
x-timer: S1715066147.387965,VS0,VE0
vary: Accept-Encoding
content-length: 30336
X-Firefox-Spdy: h2

wurfl.io/wurfl.js

13.50.181.252

200 OK

1.5 kB

URL GET HTTP/1.1
wurfl.io/wurfl.js
IP
13.50.181.252:443
ASN
#16509 AMAZON-02

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerAmazon
Subjectwurfl.io
Fingerprint84:98:DD:3B:AF:04:6D:BB:FE:28:6C:10:1A:EF:71:B5:3C:48:38:97
ValidityWed, 23 Aug 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3512)
Size
1.5 kB (1488 bytes)
Hash
4e56ee18d87f62dc6297b5d332d1b081
63b4003113f47f2602ac99e828ebf7d615dac68f
2bf5cac174101bde02ebd7664e6dac3f41c3206a3aee299ca2153f4e96d5fd9e

HTTP Headers

GET /wurfl.js HTTP/1.1
Host: wurfl.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Cache-Control: no-cache
Content-Encoding: br
Content-Type: application/javascript
Cross-Origin-Embedder-Policy: cross-origin
Cross-Origin-Opener-Policy: cross-origin
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 07 May 2024 07:15:47 GMT
Vary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version
Content-Length: 1488
Connection: keep-alive

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

142.250.74.106

200 OK

56 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
56 kB (56410 bytes)
Hash
088f0c81284ba649db5b859459961ab4
fb0fc4f4c65377b16aebcc226e27905b815482df
62a6becbff52f4f5de0ab589181ab9988448a33607ac5dc3610bc899cc4816ca

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 07:15:47 GMT
date: Tue, 07 May 2024 07:15:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accuvisitor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:54 GMT
expires: Fri, 02 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 450713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accuvisitor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 251230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accuvisitor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 451247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accuvisitor.com/favicon.ico

51.91.68.47

404 Not Found

153 B

URL GET HTTP/3
accuvisitor.com/favicon.ico
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
HTML document, ASCII text, with no line terminators
Size
153 B (153 bytes)
Hash
6b0b81c864261cf3a7340fccfaf803ff
f20f1f9b60e76821f868af83941dce31641ea54c
f0f033de8e5147740811165be4c48fb96fb4bd1c249840ccc22735875fe0f753

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: text/html; charset=utf-8
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
content-encoding: gzip

accuvisitor.com/3p/images/bg.png

51.91.68.47

200 OK

56 kB

URL GET HTTP/3
accuvisitor.com/3p/images/bg.png
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
PNG image data, 3500 x 3500, 4-bit colormap, non-interlaced
Size
56 kB (55530 bytes)
Hash
1d3c98099c0b3e2cda9c3ca2cd6a1a89
2bf1561dcfef7eba77215690758f45a8148718df
45dc96c114f10246160edc4407b8a4b517b1b27a43e56aedea256906c1c567c7

HTTP Headers

GET /3p/images/bg.png HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/3p/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: image/png
content-length: 55530
last-modified: Sun, 04 Feb 2024 19:21:22 GMT
etag: "65bfe3b2-d8ea"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf

51.91.68.47

200 OK

3.4 kB

URL User Request GET HTTP/2
accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
IP
51.91.68.47:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectaccuvisitor.com
Fingerprint61:56:5E:0C:3B:C2:AF:84:9F:43:1F:8E:61:24:4C:59:4B:06:44:49
ValidityTue, 02 Apr 2024 06:05:48 GMT - Mon, 01 Jul 2024 06:05:47 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3594), with no line terminators
Size
3.4 kB (3362 bytes)
Hash
60b081c7969b1e5d8f7d1ea270ccf3ab
c3120b610dfb8e02d46c63923f004f1af9672c73
62b38530eea51c55fb2a34790a087ce187793819a2acdff2a493b1d7d5899b71

HTTP Headers

GET /3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf HTTP/1.1
Host: accuvisitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.3
date: Tue, 07 May 2024 07:15:47 GMT
content-type: text/html; charset=UTF-8
accept-ch: DPR, Width, Viewport-Width, Device-Memory, RTT, Downlink, ECT, Save-Data, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Data
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2

get.geojs.io/v1/ip/country.js

172.67.70.233

200 OK

82 B

URL GET HTTP/2
get.geojs.io/v1/ip/country.js
IP
172.67.70.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://accuvisitor.com/3p/?country=Norway&device_name=Desktop&domain=mediaservingoc.com&uclick=17ikvc0&uclickhash=17ikvc0-17ikvc0-ir0-0-523y-ik3y-ikbl-75bacf
Certificate
IssuerLet's Encrypt
Subjectgeojs.io
FingerprintB4:9E:CC:F3:6D:DD:E3:68:A0:4A:B0:10:ED:5E:C2:60:0E:41:FE:36
ValidityMon, 11 Mar 2024 03:28:55 GMT - Sun, 09 Jun 2024 03:28:54 GMT

File type
ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
750e773c34cbfd6371bdfdf7b9463161
fdb8e6df2f251b201f4b564c4a321b30217f0e96
0be35419f6d82d9d78f2dcf0439d27832787a265a60759ddc7bb785b37ac3e9f

HTTP Headers

GET /v1/ip/country.js HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accuvisitor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:15:47 GMT
content-type: application/javascript; charset=utf-8
x-request-id: d7ade5b60409e6dd77b90e31e05a9904-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6iEs77L2idft8Elx%2FlLl%2B1juwMZIZ1Ywhl%2F0CEoC7CbylMNyZrkjq88EvjMykbWto90OZVCQzmr3iWOia5gtYCKlPY6rlBp%2FFj3aZryauGWpXsmOkhyCFbWAxtVIZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87ff6bbcc9e6b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers