URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Submission: On July 04 via manual from AE

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3031::ac43:ac54, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is shells.systems.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2021. Valid for: a year.
This is the only time shells.systems was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                    Requested by
64        shells.systems            shells.systems
7         fonts.gstatic.com         fonts.googleapis.com
6         www.googletagmanager.com  shells.systems
4         secure.gravatar.com       shells.systems
2         www.google-analytics.com  www.googletagmanager.com, www.google-analytics.com
1         s.w.org                   shells.systems
1         fonts.googleapis.com      shells.systems
Total: 85 requests, 7 domains

This site contains links to these domains.

Domain
blog.trendmicro.com
github.com
cybersecuritynews.com
wordpress.org

Subject                  Issuer                                          Validity                 Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2021-06-21 - 2022-06-20  a year
*.google-analytics.com   GTS CA 1C3                                      2021-06-07 - 2021-08-30  3 months
upload.video.google.com  GTS CA 1O1                                      2021-06-07 - 2021-08-30  3 months
*.gravatar.com           Sectigo RSA Domain Validation Secure Server CA  2020-08-14 - 2022-11-16  2 years
*.gstatic.com            GTS CA 1C3                                      2021-06-07 - 2021-08-30  3 months
*.w.org                  Sectigo RSA Domain Validation Secure Server CA  2019-12-19 - 2021-12-18  2 years

This page contains 1 frame:

Primary Page: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Frame ID: 514D96E54478D1CB2F021AD52A2E6EAC
Requests: 85 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

85 Requests
100 % HTTPS
89 % IPv6
7 Domains
7 Subdomains
9 IPs
3 Countries
6871 kB Transfer
7348 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
49 KB
12 KB
Document
General
Full URL
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.32
Resource Hash
f4acbda01d9d76f1eb7e7478f073eb3c4aa18f5918f3a4887cce4edc6c8d4e4c

Request headers

:method
GET
:authority
shells.systems
:scheme
https
:path
/reviving-leaked-muddyc3-used-by-muddywater-apt/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.32
x-pingback
https://shells.systems/xmlrpc.php
link
<https://shells.systems/wp-json/>; rel="https://api.w.org/" <https://shells.systems/?p=750>; rel=shortlink
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=04Ojk2%2Fi2aU9AdjeV%2FHv7feym4sYxf%2FR%2F%2Bytqv1r5ZHiRXDn%2FncUXDDD1B0f4JqK7nj9oxB%2BAZG6NmQD6PXHB8vJ%2FiqClBdRf7etamd6gy%2BSKOAxmYIJHSq8fMcsYg38FYhBnh0tQOo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66961023d8bd4e80-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38782884-3
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b83dae16d672e3cd393dfb82971d6d4be64059bf7bad332ba03e03433ce2a55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37015
x-xss-protection
0
last-modified
Sun, 04 Jul 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Jul 2021 05:48:10 GMT
style.min.css
shells.systems/wp-includes/css/dist/block-library/
25 KB
4 KB
Stylesheet
General
Full URL
https://shells.systems/wp-includes/css/dist/block-library/style.min.css?ver=5.0.2
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a96eb1ccacae26e452d6e147fb29ca8ca20ce183970a3a4fb5febf8662fcc7

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 09:59:52 GMT
server
cloudflare
age
6750
etag
W/"6f1-63e3-57bdedc44b600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4VARBQaMtVmL63OhcUTRp6hyYYK8ecB%2BEDYMu26oQTGcie26xqVvYiLQzAl0hnxt4C574sSgweXa%2B4pSSfLrZeE5uiZYKKKSXFJ4Fy1H6neJwvyjZ8eqEkcPKUvH9NTnUpm5tk9hK6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
669610248e6a2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
foobox.free.min.css
shells.systems/wp-content/plugins/foobox-image-lightbox/free/css/
29 KB
4 KB
Stylesheet
General
Full URL
https://shells.systems/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.16
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f592c1248f3224a2adddaa84e9ec8c8e7ed7a7bcf0913e658534eeb1dd5fe00

Request headers

:path
/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.16
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jan 2021 01:46:15 GMT
server
cloudflare
age
6750
etag
W/"1a46-7312-5b80941667764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=shOY97AXUg30A0KbyZdfSudJ6Lv0MGGZ1JoWUzp6w3L6RR5F9VFZewRLYsQTdRpjP6OICXneDleD58x45Iaq2kcaLNEcDLzDKvsb7YzilgT9JTABuZyMCpNm0KFxLR%2BjOLs6%2FLFATzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
669610248e6d2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/
11 KB
943 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b5d2316a8bd48559cecdf09bed4b709f5c16cc8a72b2f70d55c42995889f6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Jul 2021 05:48:10 GMT
server
ESF
date
Sun, 04 Jul 2021 05:48:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Jul 2021 05:48:10 GMT
bootstrap.min.css
shells.systems/wp-content/themes/thesimplest/assets/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://shells.systems/wp-content/themes/thesimplest/assets/css/bootstrap.min.css?ver=3.3.7
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

:path
/wp-content/themes/thesimplest/assets/css/bootstrap.min.css?ver=3.3.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Dec 2018 22:05:48 GMT
server
cloudflare
age
6750
etag
W/"dad-1d970-57dcbcca5cf88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n3TKf56kMbUP%2BcyVZbjhoEV3S156JOuzgWy8Q10q5yxPKNlvHfkZztzX02iOLs4qNKzJHYg%2B27QVfD1po5HaI3jiipmqeQAfxYIKbudwvhawJCJhEzPTzG83ghk8wWdSe4AinOC6le0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
669610248e702c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
font-awesome.min.css
shells.systems/wp-content/themes/thesimplest/assets/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://shells.systems/wp-content/themes/thesimplest/assets/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path
/wp-content/themes/thesimplest/assets/css/font-awesome.min.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Dec 2018 22:05:48 GMT
server
cloudflare
age
6750
etag
W/"dac-7918-57dcbcca5cf88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=054xfU2z2DXAXcNE11pi74WfUCedXbtQKy2E4CxMVbkFu1AaXZbWXU0RQq3HxkdP7PbwXolhZ6aruAS6IiuXUiLxqI6%2FFAHY6A0pse0%2BZ23C2cXy8XyqcphoD0O%2FvOXKl4SpVxdL4eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
669610248e6e2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.css
shells.systems/wp-content/themes/thesimplest/
38 KB
7 KB
Stylesheet
General
Full URL
https://shells.systems/wp-content/themes/thesimplest/style.css?ver=5.0.2
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1dfcad1108ff8b71f22a462bf8348b6ff1335c1e0bb8de940ec067a2364bc5

Request headers

:path
/wp-content/themes/thesimplest/style.css?ver=5.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Dec 2018 22:05:48 GMT
server
cloudflare
age
6750
etag
W/"d93-975b-57dcbcca5bc00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0e6TFKsymthRVE8Ee%2FB0r81TsGCvdYTPttAn0J1qp0h4os8RZoK7ufrKlbEzLHQNnPo8S2YMWKWc4psiYCogNeZzUXw5XVcgt4BxE0OWIx%2BSIfhxbamNo7yPEEmhVvrpKg5WnSE2%2BrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
669610248e712c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wp-emoji-release.min.js
shells.systems/wp-includes/js/
12 KB
4 KB
Script
General
Full URL
https://shells.systems/wp-includes/js/wp-emoji-release.min.js?ver=5.0.2
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Oct 2018 04:11:25 GMT
server
cloudflare
age
6749
etag
W/"9ed-2efa-577d80c351540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aHVsST6aTBFWbFjavf3sGmJ0Qfm4emC%2FpSWYAydvJn1xKVvoyJrAySnLRgU9mPhiB7QJVqC9YKy9on33I0kp%2BIGc%2BPBo6CtcImmvxeUgWowFt%2B2u%2B8HMgTJ3%2BjW7gxbN9u%2FddWSOvGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024ff2c2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery.js
shells.systems/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://shells.systems/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 May 2016 09:00:29 GMT
server
cloudflare
age
6750
etag
W/"97b-17ba0-5337eac0d4540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BIXU3dDEPJZyXsdzXGFKoMk%2BSAemjBRZZSqEK9FcSgVBDKx34LLB9hNBLns2MPPen4l%2F12%2FVs1NgmaDabLnjHICLbqZ%2Fekcw9U9cDaiIlz2uaYqKHXIcfWIeZDkk2CIAOBb6dlhcELE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024aea12c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery-migrate.min.js
shells.systems/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://shells.systems/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
cloudflare
age
6750
etag
W/"975-2748-5333ff613c400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8nM54l7X4R47pgubcXW1MwVOARDrFUbWAU924SJRaUix2LUSoYlKbMKk1AukzbhIhmYj4VQjl0diVuwR0DA5SOYQjDnTfwMxz%2BdAhiHPqVUnRHafqvNwMVeRL19FNQFNd2uNCAj8qfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024aea22c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
foobox.free.min.js
shells.systems/wp-content/plugins/foobox-image-lightbox/free/js/
98 KB
28 KB
Script
General
Full URL
https://shells.systems/wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.16
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00

Request headers

:path
/wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.16
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jan 2021 01:46:15 GMT
server
cloudflare
age
6750
etag
W/"7f747-18804-5b80941667764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5lOup%2FufR2UsVFgU3pqH0LBBJlzbjEe5Q1neqi6LS8V3hP9oJDBx%2B3NJi4s1auaOgyNLZhlY10XugHCVnVA2MposcutS8P566%2FECbere7lVLdTqQsBhQBOMy9CZwYsKSOTxqvm5Yt7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024aea42c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Screenshot-from-2020-01-13-22-36-28.png
shells.systems/wp-content/uploads/2020/01/
185 KB
186 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-22-36-28.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d4c1aab6d663efac1e3d211ec631fee2cf8729d83581e4a67244fea45581a9

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-22-36-28.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2391
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
189614
last-modified
Mon, 13 Jan 2020 20:42:29 GMT
server
cloudflare
etag
"41a2b-2e4ae-59c0b838bc5b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eHc1Byry%2FvqUAw8%2FUyjsjJtmCUna9mmYJcEslts1fuM%2B9QcrO07qMmI0k936vJ7YBzzHI252Xn1leHQstSZqMXket1NGT46hdf0i%2BEpUhLAVMXeQGEsLg7iMK8%2BtXAWSOJNQrmU%2BQdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66961024ff2f2c2e-FRA
web.jpg
shells.systems/wp-content/uploads/2020/01/
83 KB
84 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/web.jpg
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebf5c9fe428c668e42a42c1fee0f0c347aa7893ac09efc7bdbf0c7f3bb35348

Request headers

:path
/wp-content/uploads/2020/01/web.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 12:12:57 GMT
server
cloudflare
etag
"419e0-14d42-59c046550977c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y4EdokChs6mZTfLXS3oRQEXAB5J9wpRMKE0cedSDYRaSCvZfj4dmHc2uahlrePqAdU6g56PI1cJgmxQB1rInAD41jiHwgUY3wwRbyLc7vw08fNs1w1OcsuUCtmejjqMdDMwPFgXiCjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff312c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
85314
photo_2019-05-07_12-13-17.jpg
shells.systems/wp-content/uploads/2020/01/
24 KB
24 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/photo_2019-05-07_12-13-17.jpg
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf988e003e16e326c65d8566a6d4bc2a8d28056f9dec6e5d4ca292ea7e3c6a0

Request headers

:path
/wp-content/uploads/2020/01/photo_2019-05-07_12-13-17.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 12:12:56 GMT
server
cloudflare
etag
"419df-5e38-59c046541ddf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aksJHpNHi%2F7Y5ExIrBeomoHMuPsaLsBgS7fRp64LxqEZPfJhk20JXY8CLJGTv%2BXVECz9c6O39mSOZBvrC%2BsvDtsVFZRyHkjdBpSe5vkMcKORnerC1WD11TKue%2B%2Bbh2oDPiHc6oX7xTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff332c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
24120
buy.jpg
shells.systems/wp-content/uploads/2020/01/
72 KB
73 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/buy.jpg
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ee6a76c14e137611dbf6ee29a784dbb9e3867e5c43b7d5b3c5862857e9a7af2

Request headers

:path
/wp-content/uploads/2020/01/buy.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 12:12:55 GMT
server
cloudflare
etag
"419de-12022-59c04653b8116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dro%2FRdebEPFeVFWflRJ1J85%2F%2B76cOiLP1kxOZIVZb%2F2OMQJTPCccOiBaP9CtpVMVEpCPAPDStAZgOWbkh%2BuzHXhmTkdDE57k3hTXQtLSB2o7fyR3OYzu0yesmWFPYOl1Cjh2TTjo4YI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff362c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
73762
Screenshot-from-2020-01-13-14-12-09.png
shells.systems/wp-content/uploads/2020/01/
255 KB
255 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-14-12-09.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f8991190f3940fcd63fe8d4a86b8a3cc84428128570ada04b0c3588f2c9d560

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-14-12-09.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 12:12:43 GMT
server
cloudflare
etag
"419dd-3fb25-59c04647eb11f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dYouhgI93lVT1prI8HX2rpL23xvTUA%2F8c0hv0PsflGfkGQ86qSiDyhS1nlBgN7wKwLFHWOX3Ap4PANO%2FSSHNU9iaG%2FLjiRyYNx%2FnHSaWyBBYCLiFriiCNK%2FNePucmESJz2DlIJse2Rw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff3b2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
260901
Screenshot-from-2020-01-13-13-34-57.png
shells.systems/wp-content/uploads/2020/01/
45 KB
46 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-13-34-57.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba3ad91dbf899ece21edf00118d1a44e0d6164393350795dbf1529033a870b1d

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-13-34-57.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 12:12:10 GMT
server
cloudflare
etag
"419db-b477-59c0462890b47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GIBQHosnI7Jk1teH1dILqntZmnsi3jlAeGMwvCmz1DQnfk7d4H0odmD0dnT%2BFEOdGv%2FU0u4P1CbsebI4fEIwDDmtitxCxTwPYKemQhS99Xn45J20wC48UwfnaNWeMq8%2FbzdG0wHQtv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff3c2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
46199
Screenshot-from-2020-01-13-14-03-45.png
shells.systems/wp-content/uploads/2020/01/
50 KB
51 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-14-03-45.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1064fb38e97c6ee6f364b4cf6fedd81de34aec8fe6e0f7674ddadf86f1e48b0

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-14-03-45.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 12:11:52 GMT
server
cloudflare
etag
"419da-c9c8-59c04616fa431"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZrbCkAJNhT9PICtKsRTVge%2BBOPjsu4oCzhOn45YWMyxrJF4x8vNJqTBp4D9D30LpKgh%2BZMbcUqaCtdwMxwJ7z7Z37IvXg%2BWifV8T%2BLxaSyhbW9BhxrVgutSOvo%2FYYoPkQtJUwXoHIIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff3e2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
51656
Screenshot-from-2020-01-13-14-03-45-1.png
shells.systems/wp-content/uploads/2020/01/
50 KB
51 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-14-03-45-1.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1064fb38e97c6ee6f364b4cf6fedd81de34aec8fe6e0f7674ddadf86f1e48b0

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-14-03-45-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 12:12:14 GMT
server
cloudflare
etag
"419dc-c9c8-59c0462c22c37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HeUh3NXNM6v4vAMRzWNdcODI88phgfOcIyH4ar42NBha6vtW11x0C%2BAlS5PI6%2FyqueV1M9Mrdq7lpGIVIVcq%2F4Jd3VnNVB4j%2FDae%2Bw5dcWpScG3JT5dYiLjP431jajK%2Bl9G2XZVIFbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff3f2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
51656
Screenshot-from-2020-01-13-11-15-51.png
shells.systems/wp-content/uploads/2020/01/
209 KB
210 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-11-15-51.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca046ace61b069a2d0eab53e8c8bf2e69b5b7f0efcb7f69e40842cbec5585e80

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-11-15-51.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 13:33:43 GMT
server
cloudflare
etag
"41a05-343af-59c05862ae951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BzzTQeDfp4Z4Son6%2BQGc3935dOU7r7Bc04nVdErsDBLFF2pgrOs%2FiyWZa%2BEGjToMPEtcAFuEkDbJk2sAukv93GGwWBno8LYA5ea4usMcw997wSK4yNlQjI0BQALsFUAYq3dq3LNvd7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff412c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
213935
Screenshot-from-2020-01-13-11-16-01.png
shells.systems/wp-content/uploads/2020/01/
901 KB
902 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-11-16-01.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d71cd347ffbb81c03835a2dff58a7e9b93e4a43b07c98b614e0d919ccf9367ed

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-11-16-01.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 13:33:40 GMT
server
cloudflare
etag
"41a04-e14d4-59c0585fe5ef9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7GHqYTIT3edifVxckjkowVsBtEr52rxkVJUg%2BT53ZHNJy2jptPojXAlA5PMb69Cw8w6%2FL92964q%2FS6FQY4gzeQZiQpiohxYBrycZ08%2B%2FMyvzbMkYyZv1ilBVK%2FMGHt55Om1SCgHET8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff432c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
922836
Screenshot-from-2020-01-13-15-41-05.png
shells.systems/wp-content/uploads/2020/01/
37 KB
37 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-41-05.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82218cbd84afa1247ca95ba7fa342c17ef684eba3fff24c1a6fceecbc45054fe

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-41-05.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 13:47:09 GMT
server
cloudflare
etag
"41a06-92b2-59c05b63c220b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CqhxVyCh8TPTIcNsI3%2BoST5EY5brTI6%2B%2FAsutQ6D7OwXXZdZ95XCn%2FSED3gN81yXqEIC7nVYp3iPxvhDV%2FHSYTrS1qQw8qmgZg7nIZvBVW%2BB1%2BeNSofK7xYAeFTGbfsGRkZRolEN5Xo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff452c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
37554
Screenshot-from-2020-01-13-15-51-14.png
shells.systems/wp-content/uploads/2020/01/
258 KB
259 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-51-14.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c21be4e6a67e1526b608949b97ce42ef663f8b94a360ac746d331f40e3b715

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-51-14.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 13:52:48 GMT
server
cloudflare
etag
"41a07-40913-59c05ca6f9c86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y1ESMoSJoDHA%2B%2BCyTrWRyxM4c1PoJ%2Fp3sfDNyRe9PIPqEDy4MLCBEVa5Dq4GCgjTUdZMJPQJRKg1iKG3exj5B7389lSmj0Pu1ViXPxLLoRHWJBAXuPA3XFARP%2BIf7H6qqQ9xTE%2F%2BZuw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff462c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
264467
Screenshot-from-2020-01-13-15-51-23.png
shells.systems/wp-content/uploads/2020/01/
48 KB
49 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-51-23.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0867ad8d4e8eceabd5341f66d487d1b1502b90c7bfb4a7c5ba2f47355eadda8c

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-51-23.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 13:55:14 GMT
server
cloudflare
etag
"41a08-c0d0-59c05d31a4508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ifAVHO1Fdm72B9FbxQHelv5AMJI969X3OHCOlRI8cpnfKrVKeTUAnowBIKmVy4AJfFmo30z%2F3yEFjvQoYWa5qNHCCLOGtEEIPPnOlL7zgCluwFlLibyhwquvYj4Y9cyYhlDPz%2FAWz9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff482c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49360
Screenshot-from-2020-01-13-15-49-52.png
shells.systems/wp-content/uploads/2020/01/
119 KB
120 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-49-52.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a64ffe9e67264afacf4ca93e8f91c311220780fe54fa4f5d6416723ad58536c

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-15-49-52.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:00:03 GMT
server
cloudflare
etag
"41a09-1ddbb-59c05e45904d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9Pax2l19Ilu40qxc0lPJuW4Y%2F6Royy%2FPhBR2o%2F4NVpkJ5pvqPO9BbMl4q38pzFHQnVZWtS6s0%2FFmzUcegO3xoNUmuGD%2BNFawwXkZSufmWK7FiOACU9mXtjFAaVEnFVNlPKMhzEwykjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff4a2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
122299
Screenshot-from-2020-01-13-16-27-13.png
shells.systems/wp-content/uploads/2020/01/
46 KB
47 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-27-13.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae116d4bcb7aced6dbf8c99d391366a6179614c15a0ae9fb2738e448c6c9859

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-27-13.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:28:49 GMT
server
cloudflare
etag
"41a0a-b843-59c064b3d2af0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QxPy5c1EXAo2ftG8yPdnQ21VaUYHvLD%2B5yGe%2FbOIK0zCbkyMcJwk6G%2BEqcpbT0QGGTzkS8VBXVaT9tmE1pcCi5j%2FsF0fZjJxRUU9Ermw2USwgpzd8hyLaBmXsSJR2UTDdGgWAtRJ08Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff4b2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
47171
Screenshot-from-2020-01-13-16-34-08.png
shells.systems/wp-content/uploads/2020/01/
41 KB
41 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-34-08.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7dd37e8ef6b0e0332fe064ce794ae608aea1bdf0df2e77c1c589f9b9de3d14a

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-34-08.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:34:41 GMT
server
cloudflare
etag
"41a0c-a26a-59c06603e3279"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ISbPq8YnHGkGXw83z2IuapqeDkUeVU2moJOxJsjAzsfN694mGlJs%2B7bMjHC1w99vtM%2BC4oJXcdFuACN%2FHkyHC%2Bo8%2B2uZCvJZoscSMQVe%2FnXjmQmuZp7H8RbYBX0dYSalspOrQvlzPR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff4c2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
41578
Screenshot-from-2020-01-13-16-36-17.png
shells.systems/wp-content/uploads/2020/01/
123 KB
124 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-36-17.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc069f4d6cff469d78caf3e72c52612a7e62c0ab9da14b63ec2e2a4bb7a0db8

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-36-17.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 14:38:18 GMT
server
cloudflare
etag
"41a0d-1ed78-59c066d2b66b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3BmvpTDGvA63QzFC2Iu2xtkwfgukaJcENDe7G29yEjhhODXIMGpy3Ra%2BihP8PTnSn20WLv%2B3%2BzHQA4EIuNSrkByqh23ltuqGqV8n1oICStbwKnMfd42bLGgOmjMMfuuFjVmienq1jRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff4d2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
126328
Screenshot-from-2020-01-13-16-38-47.png
shells.systems/wp-content/uploads/2020/01/
140 KB
140 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-38-47.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5772eafc1489da4b3cdc77940e53a0c73d446c6483b8bdfaf4b3e857d3b1dd7f

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-38-47.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:39:42 GMT
server
cloudflare
etag
"41a0e-22e4c-59c0672220804"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a7jnOXYJ%2FaXgotB9oOcVlaGsLdgR9vJM2RYN51yn6emQlm9vsEUdKu6thHp2qplrPL%2BjenCthSMeP2Uf6gMJo8kwSUW0vZ8P5bvXJSgwMhEHyAYV3Zytnc28UVDsKpxcMWUJXpp1ESU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff4e2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
142924
Screenshot-from-2020-01-13-16-41-21.png
shells.systems/wp-content/uploads/2020/01/
195 KB
196 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-41-21.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9255717d09fe84067875469ba2c8c45cfe0123aa652932a04fd3a301f2724fde

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-41-21.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:41:55 GMT
server
cloudflare
etag
"41a10-30be9-59c067a17a0f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u63zrEkB79209zcDMKw%2BS2ffG2j6XwFHVt4EJZY%2BOzRtCwiYqiU5L9WxRj8nhX7%2F6WIqmimxMM2DqVNObBhOQxoMEti%2F7WXhCtrUt7lFWKQ36%2BblTzZdH2qEVNYU3h4uoBFy3PHN%2F9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff4f2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
199657
Screenshot-from-2020-01-13-16-43-21.png
shells.systems/wp-content/uploads/2020/01/
102 KB
102 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-43-21.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a055b9901809f135b6b428de9b5c82cfde2a22702c6c978c331dbcf8699e76c

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-43-21.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:44:08 GMT
server
cloudflare
etag
"41a11-19627-59c0682057999"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hGGjY7CsCjCtYet5WPVv%2BLx3Y5CPNAwtHRhCjoHrEMdRK70tZCGKbkzaeeDuJR0YU%2BgnudILz%2BzUw30%2Ft3HjPylRq9vpS%2BrZRLVER8lPEavyi6foeXYAYLl1Df8hrG2781AWqfN2ZpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff512c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
103975
Screenshot-from-2020-01-13-16-45-06.png
shells.systems/wp-content/uploads/2020/01/
48 KB
48 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-45-06.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31f6e140402fc3b6af8bed985c8be77cb43b5a610e12ff983acc2db15c3ee951

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-45-06.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:48:41 GMT
server
cloudflare
etag
"41a12-bf71-59c0692448471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WcpPtIy2HCQrtezlLYyR1Wo9JNjfGTiwpwTcWqA0IZlAMRdlA8xok3Rnja2utB1fE%2Fg2FcyeEhRZXwXOoNmT3lhZQhde2ALy%2FRe0wH4QsOTLcMrQ8nSuw5uGrBd4JDoFtYSRG0eg6J4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff532c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49009
Screenshot-from-2020-01-13-16-55-48.png
shells.systems/wp-content/uploads/2020/01/
61 KB
62 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-55-48.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0cebc81c9ee202ce8283fda81175b1b2e333c17a74cbfeb27ad12ca7104550

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-16-55-48.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 14:56:21 GMT
server
cloudflare
etag
"41a14-f54a-59c06adad9789"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AbyiXXtio91WwbTk4BlZ6Qa7a5Q3Y4HW8%2BV1Bv6A2ytOjSNoQiLzpq%2Fi%2BjaYnDNmCHBP7bhQNhXHNeV%2BwVnMCj5R5zlX%2FXUJnFYWoLkCItaOe1O%2BotEiepCq%2F%2FC0J0VJMLBhGyVMadk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff542c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
62794
Screenshot-from-2020-01-13-17-07-42.png
shells.systems/wp-content/uploads/2020/01/
39 KB
39 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-07-42.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e3444bc5a95919dc1fb5917caf11fe46b38c34f095cd4b88f8b72ed1e7f519

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-07-42.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 15:08:23 GMT
server
cloudflare
etag
"41a15-9b57-59c06d8be1512"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nifTD2J%2BQuclE9HCFkyy%2BalVvjZV2y8yuNmKMCm5IXsm4HZ83tiSQpi13H89ItuUieyfQDbpshmrFXv4Rzi98ML3WCXGQzfMieOQvbyP3W8YBuQJaWoiM1W8DkiVTmL15%2BFdw1GIKWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff552c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39767
Screenshot-from-2020-01-13-17-35-26.png
shells.systems/wp-content/uploads/2020/01/
30 KB
31 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-35-26.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6875d9898e1fb48eaa7d89dbcec7ebb97fcde45ed039f1404462a449e3d76fe4

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-35-26.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 15:37:52 GMT
server
cloudflare
etag
"41a16-78f4-59c0742314a81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=glnWFqnBLXlJPyqAHN5TnuZwXLSq9lPSFTByiTRAUkN1cVOwIRdQs%2Bnpe5C1pM6qKZOcHFB4bi5d4Wm0DUe06DtfmjlANjDnut5%2FV6zYGzAncDD8HVt9JER%2FXa5dKGkQ6FEkhnpFPgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff562c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
30964
Screenshot-from-2020-01-13-17-35-35.png
shells.systems/wp-content/uploads/2020/01/
26 KB
27 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-35-35.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d34f6c461f2e00d3f0ed9f24fe5bdd440711e1f7f82f20f5effa1c8e506673

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-35-35.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 15:44:12 GMT
server
cloudflare
etag
"41a17-697e-59c0758d3b982"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KydUr5mvscvGbTMC0cml7vHxbwLWpkp6FFinbD3jJDN%2BPRMfHw7UJRd2qn0hWQp3ugy9jEWL5wzeE1si30OFdg7lmgNOH6RjCnQ32pWDznXkqxCOT9aT%2BPDICCNnAMyhESNnubPDdnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff592c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27006
Screenshot-from-2020-01-13-17-49-16.png
shells.systems/wp-content/uploads/2020/01/
29 KB
30 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-49-16.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be28f4d6f3270e10c80e34ef56dbb5af08b117d9190ec6ff096a8e9e3d80dd7

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-49-16.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 15:51:32 GMT
server
cloudflare
etag
"41a18-750b-59c077309af84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=doSJ5yVNGjc2jC6RPwCuU9vNeIuheYQrACxpmu0iSx%2FkvAd3PV%2Fy6vHe%2BbcMrxPKuwCPmDh2cY8I6T0nFgebYbqVUyfgmW5RKo2kEno01uEcCC8GTKUeGyfXCvtybWAfr1PJHgo2GqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff5a2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29963
Screenshot-from-2020-01-13-17-54-27.png
shells.systems/wp-content/uploads/2020/01/
37 KB
38 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-54-27.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c9a5c585e5f246f0e67b8ac322c55f20fef546a5bb59a595fa686915c2bcd3

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-17-54-27.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 15:56:05 GMT
server
cloudflare
etag
"41a19-9581-59c07834f6949"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BDL0SjdpA4J012Rbm2W3d2ZGpMzml%2FxyyHpcKleEG1S0qmu4EuqO7lgAiaTziZZEyV8zl%2Fburif3E6X728yZYzJGfe%2F3El2jDw26tllsZPkxCuhwfw39wzi0BT%2FoCNKsMWvIHnOFAyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff5b2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38273
Screenshot-from-2020-01-13-18-00-15.png
shells.systems/wp-content/uploads/2020/01/
17 KB
18 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-18-00-15.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14973b04e490ad94070348aadccd97c9c5aab6f6917672f689f9428c90968ffe

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-18-00-15.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 16:01:27 GMT
server
cloudflare
etag
"41a1a-45dc-59c07967cc241"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Paj3q7kvbmCdFrqMXOU9BhnXQl0U1p%2BEcoRm6T6Z5b514iBFwn3xz%2Fa46UT7sCHO0%2BWnm%2FJ5jNhnwLc5hElfpDOXUaQpg0VPmDwbFTp8BLfcsWW2oeMnoD%2FaHEwhDZYNRuvw7iS6xS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff5d2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17884
Screenshot-from-2020-01-13-18-44-42.png
shells.systems/wp-content/uploads/2020/01/
26 KB
26 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-18-44-42.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
440668e55c77ff1367559cc3e2558f01f6210ea6f3d4563d1b58f673697544c2

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-18-44-42.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 16:47:19 GMT
server
cloudflare
etag
"41a1c-6789-59c083a8e77c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8uV7AEgpLlvWK44W%2B8PnbQ99%2FmujWHt7PtHXSDp1deVSwuuFd%2BnbTr%2BiU%2FhiYu1eZQUU4joVI%2BTCuT6UWjUVcch%2BlEPmpDl9NObDoUgpIzNl%2BpPw%2F3N58yjuS1hzeIMhXRMiTzWPF1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff602c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26505
Screenshot-from-2020-01-13-12-13-23.png
shells.systems/wp-content/uploads/2020/01/
594 KB
595 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-12-13-23.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2fbf6ad4d8232be48bb2b8ed5ae7ea0d9970a27dfaefc9a35f0cbdae99ddfa

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-12-13-23.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 13:33:14 GMT
server
cloudflare
etag
"41a00-94942-59c05847482d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tUnYVCPve68AiYTCP4%2BEyS7rPCeht2f%2FXZp5G5wBt9xIfXv6qaOut6M8dO%2BxHubvpKbFUO8ZRip1%2FaFIVJDqvDRjojpJizHGv9Aj2zf9KMpRPGL04G1MKlPIm2Xl7HBknoQFFzPA2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff612c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
608578
Screenshot-from-2020-01-13-13-11-37.png
shells.systems/wp-content/uploads/2020/01/
167 KB
167 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-13-11-37.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08d05512916a7a4af2fd65561626fc6967c0e4fdd0218131746166ed8cb0940

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-13-11-37.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 13:32:05 GMT
server
cloudflare
etag
"419e3-29b33-59c058053c76b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PpEJAzAu1PrzqwvV3roLXM1wGeaYA3G%2B%2FMVbvFh8QhdecQ%2F5iNeAUUyHfBPOcsqIFCUkEuFQpTAqNdkP9Bdf2aczTIGZEjESAgVUye2wS8wLvBvpRjgKtIQIEwUxiNsn8nls%2F0m12fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff622c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
170803
Screenshot-from-2020-01-13-13-14-05.png
shells.systems/wp-content/uploads/2020/01/
28 KB
28 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-13-14-05.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874c84fd5d02f62f5f6bffd69f9eb9793448bf963d7bbe63edf3d276dfeb7f7a

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-13-14-05.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 13:32:03 GMT
server
cloudflare
etag
"419e2-6f03-59c058034e911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZwMhTUVHSNYOpcvZDjHynqtqarGmNVHd8Rt%2BiaiQsHZA9Y0FflruIZECZwphh7nHx%2BeeZg3WpDjAqnnOPCRT%2FmWH%2B%2FsfDBitsHLCQpcBQkDLbd%2Bem6ljYQ%2FgttAk0B2VZGcm7PKRgDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff642c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28419
Screenshot-from-2020-01-13-19-21-55.png
shells.systems/wp-content/uploads/2020/01/
43 KB
44 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-21-55.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfc170829d6d6b4bbdd1aae20223c8e87587c4d6def73458b1e9947dcc9ea30

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-21-55.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:22:33 GMT
server
cloudflare
etag
"41a1d-acef-59c08b887db82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SPBLBLG2%2Bo7YJVH%2B%2Fbm7dXLzePYIKuepTBRxg0ycWRDczj7LRNgB0ypNC8BKs94jTz0bj5bWV2MYJ2Kt1slq0jlCwO1eRXnMoUg7Ap0H8Ei%2BY6LSCTRlWTug3AmKP%2B4Pe9P0P4OJ5js%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff652c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
44271
Screenshot-from-2020-01-13-19-23-07.png
shells.systems/wp-content/uploads/2020/01/
31 KB
31 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-23-07.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b4233de9d76ea2f64cd4bf394b7a27e3193fc4d1af0ead8ae6b526c6f2dc46

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-23-07.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:23:44 GMT
server
cloudflare
etag
"41a1e-7bad-59c08bcc55651"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=omkI7ekyHW890PYQtzwHJYzM0OwmnkvYVqfAGlGkGPD1bk8xeYLOVHe4VGGuXqBRZ35OGnbu2QiueISzx5arvmsbpi2XKODytWOJ7U9%2BvybhHel2y9kRo42vT1h1%2FwGX3m%2BEW5H3alQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff662c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
31661
Screenshot-from-2020-01-13-19-24-00.png
shells.systems/wp-content/uploads/2020/01/
48 KB
48 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-24-00.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e16c7335e2737db6bd7eefed983d4c75db1439e10871af7f087ecd5a85c2541

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-24-00.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:24:57 GMT
server
cloudflare
etag
"41a1f-bf3c-59c08c12341d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V04BZiISJ20EM%2FI44s6rApGcLPsWdYnslV%2B3kBSIZt%2FbzQERDzaSOn7ydbJ7JVsgknn0qaugiuj2cVkSVEvMqtwUqnu9E1gQrvIPb0nOs7u1SzU%2BHEdQ9JsS1hKExxqfaHfdjUtIHTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff692c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
48956
domain-users.png
shells.systems/wp-content/uploads/2020/01/
231 KB
231 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/domain-users.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2c8b7ae6e71bf8b4f32f5f53ff740d30d73a6d912199ddd74074ed4e505eb0

Request headers

:path
/wp-content/uploads/2020/01/domain-users.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:50:36 GMT
server
cloudflare
etag
"41a21-39a92-59c091cd662a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wCghPL4tYBvCrdP47SXCIg2JaGq6ap8%2Fm9QQNIM5YFXz9JCUPGjjDuw34VLG%2B31OaiUbsM1g8LmWd%2FQoI4eLq96cEDEI4XC2d26325Qd0bNZ0URE%2BK3fbfIkYd8HFo1%2FeeH26frP2m4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff6a2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
236178
Screenshot-from-2020-01-13-19-49-06.png
shells.systems/wp-content/uploads/2020/01/
338 KB
339 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-49-06.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f6b4fab4df4e847860e04ff69ae2a45ca47901d8f6a51ba312cebe83d5491d

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-49-06.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:51:37 GMT
server
cloudflare
etag
"41a22-54988-59c092087d9a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0ftmB39wa5A5Ql%2BhTR3zs1Gs829u9zS%2FJbJ82zYXcrtBiK9iigqe%2Bbg%2FF0gffa37y%2FVcd0%2FoL4okoAgp3984MtNX9ff5MdxO9juDn9qUw9hpwP2pigAtyj0J%2Fmdqu9tcfRH2DiuCht4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff6b2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
346504
Screenshot-from-2020-01-13-19-31-26.png
shells.systems/wp-content/uploads/2020/01/
82 KB
82 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-31-26.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12dcf6ebd5203b324cc80416d081ca3a1792f7f4a112165a3ccdb7f2d6a0cc47

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-31-26.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:32:19 GMT
server
cloudflare
etag
"41a20-14762-59c08db74da09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TTGOjXKqw%2Bjf5HWW%2B2liLbAbSJgMTPlzAFKpsh2L%2BxkWF0TlEEeEBlrLEi7M2BjASwHDZEE%2F7J5PgAfrOGNAwVAfEIkq4Hcft3yfrCqhh7A6Q%2FyLYFiSxvurNW0dWYMQ7Bpd7WMAKOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff6c2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
83810
Screenshot-from-2020-01-13-12-26-03.png
shells.systems/wp-content/uploads/2020/01/
139 KB
140 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-12-26-03.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b7cb6b1320371fc8d00471d882b7d82fcb7af7cc50a879abe0f6e0c4740dfd

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-12-26-03.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 13:32:17 GMT
server
cloudflare
etag
"419f0-22c9e-59c0581080bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iciGJE1lfGomZ4%2Fs790KhRdAKPpG23pZ%2B4k4A1vK%2F91GSUbkEUAh6bF9dZvF2ruDRSvOQVqRe6N45PZ99PJ%2BdpX%2FJWUWMpIJaskHB7e78rkcYpKbp8oFMN1bF6wKEhKQY4X9weRPbuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff6d2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
142494
Screenshot-from-2020-01-13-19-54-04.png
shells.systems/wp-content/uploads/2020/01/
30 KB
31 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-54-04.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf53c52576f3900650a63f8e606c4c85ba827b6b821b9e1b7c2e40cbea336646

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-54-04.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:54:42 GMT
server
cloudflare
etag
"41a23-7876-59c092b835bcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4WGYJbkx%2FZqSqsrlyIMPjapuq4DKotrwfMUhXNkWxByGsP5VvCX5ySwvZLpIAuZ04BHDSEthPpAEb93TzKv2XuRlu5XBF3%2BTItsLnYVFoBqapRy5Ym%2B9SDoMuSst6lhyBqFrLfGP448%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff6f2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
30838
Screenshot-from-2020-01-13-19-55-05.png
shells.systems/wp-content/uploads/2020/01/
406 KB
406 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-55-05.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e41fc078e4a5afe2e456aac799ae277333aff7cf303521da0256c7a26303195

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-55-05.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:56:07 GMT
server
cloudflare
etag
"41a24-65779-59c0930935551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p2s7F6w2l8qwEWM7W%2Bbkli9WAjMHkBW%2FrVFa06WIMR6JVd6Cyp5o1UpBWS%2FkBO5QGxJtKLvEr5PJ8dBti%2FiAcdPWl3f4GLQghKnACMXS8mJFIUUaqahau2ToUPk0OZx3N3l3U14XVRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff702c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
415609
Screenshot-from-2020-01-13-19-54-59.png
shells.systems/wp-content/uploads/2020/01/
633 KB
633 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-54-59.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2a4e450fb6a3a7e7af98e0072c481dd86737e131e357c772a48ea7269d42a1

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-19-54-59.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 17:56:22 GMT
server
cloudflare
etag
"41a25-9e2f2-59c0931814761"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=azK6RXp%2B9toL2QcROiHR3LQKJ%2FQpu%2FItVdT7vX72oVH7PrE7Xs%2BaArL2Omot2i9qBSz72rWR09ww7bOy0o9ZDDS2PJrzsspOS8ofU3oAbzxIYAcdoX3SPg8PA9hNods6VaWs230PxEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff712c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
647922
Screenshot-from-2020-01-13-21-26-05.png
shells.systems/wp-content/uploads/2020/01/
22 KB
23 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-26-05.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6d3b4e18521f7face1ea0084b59eb21576d63b8e9d7a7f7030e4c437558416

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-26-05.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 19:26:37 GMT
server
cloudflare
etag
"41a27-57d3-59c0a743dde73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q53UWumYmDtEjFCVGcETCMAkJKPSqk1FXkA8pdL%2FvUPCSqIJDeu4hh35k4VDyZd1rsoo4umq%2BJPinmBLdPsSi05DwFhGLAWDXOkeBx%2FJ5Xq3ZIhYrSWFKrbfnUtRalXkgPR5vapjSlo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff722c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
22483
Screenshot-from-2020-01-13-21-23-33.png
shells.systems/wp-content/uploads/2020/01/
66 KB
66 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-23-33.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ea0e87097b8f57aae4064f73dd546468342085a97121933a97625a4095223dd

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-23-33.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jan 2020 19:25:52 GMT
server
cloudflare
etag
"41a26-10772-59c0a718bbe98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cI1101YgCU7xoG6UiROk4IAsAnZEc2IgxOQFq1opKP5QyxyCz8qczt0AwEA4Un0aqJBQwkut27rjq9yJ9H6MGD0jZUtgPhP%2BuSO16%2BHh6mzlyz1TG%2FNm3Zi9V4CEYy8XExDLGvVbS%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff742c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
67442
Screenshot-from-2020-01-13-21-23-54.png
shells.systems/wp-content/uploads/2020/01/
94 KB
94 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-23-54.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f196378d0543661dba0087795105e80410e33f2fe9dfd36be8088eff41040c5

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-23-54.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 19:29:56 GMT
server
cloudflare
etag
"41a28-17669-59c0a801c65c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cC1KNQt%2FbQWXIfKqhcLai4vvQnffUxNtpSLrjS%2F%2B73zhCGM5hAnq8eIhwghGWOClysug6yp%2FvaC8L%2BJ7nUQBA0ndZyHwhnT2rXPu8S1pJE1CHUAKsfKlH6aBxjNRVY0iNvcnid2Z2bA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff752c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
95849
Screenshot-from-2020-01-13-21-24-29.png
shells.systems/wp-content/uploads/2020/01/
192 KB
193 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-24-29.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b6d2540d3878c45487e96a279421db48ec447cc9064a61fefe70e49d0ab464

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-24-29.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 19:31:04 GMT
server
cloudflare
etag
"41a29-2ffeb-59c0a842981c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=36twu5hw5A7io1Ouo7cMy4QGuI0GHA11eM1AW3i%2Bp6YxnlQWP8mgirMU321ISOUp0I%2FkEAu8cIT8i87oYqGCUn5O%2F8nnKhl9GaNC0sALhvOpjc9d%2BvrLVtKlIHQ6mRxmIMhgsQrd0S8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff772c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
196587
Screenshot-from-2020-01-13-21-24-22.png
shells.systems/wp-content/uploads/2020/01/
23 KB
24 KB
Image
General
Full URL
https://shells.systems/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-24-22.png
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba437f546c3cda86cc26b9eaac08e7fb6d9fcf13851abf04e3b583718e147b3

Request headers

:path
/wp-content/uploads/2020/01/Screenshot-from-2020-01-13-21-24-22.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2020 19:31:05 GMT
server
cloudflare
etag
"41a2a-5cc6-59c0a84319429"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EKd6cBiVfmfpnynAyr7FoHIMllBWnQMl13VMsKLetuWWI6GkMi%2FoL0tuCaDAdcSg5AoTSpR7WiujgOdxIkor%2FkeQdifjGoqEVb5U0ZMQo%2BmJ9TGRfWvrsV0PMXLgZtZcj%2Bn01GENga4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
66961024ff792c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
23750
8c2c34938d3b51479d9c0ae427b61fca
secure.gravatar.com/avatar/
3 KB
3 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/8c2c34938d3b51479d9c0ae427b61fca?s=72&d=mm&r=g
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
60e7158cf77f49025e6e2e3a2ed612bff99b0df552f76999a91b2f2fd1e9cb9e

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 04 Jul 2021 05:48:10 GMT
last-modified
Sun, 05 Jun 2016 11:19:36 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8c2c34938d3b51479d9c0ae427b61fca.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8c2c34938d3b51479d9c0ae427b61fca?s=72&d=mm&r=g>; rel="canonical"
content-length
2610
expires
Sun, 04 Jul 2021 05:53:10 GMT
1cb0627c3ba4ebd4dac77be152dfee13
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/1cb0627c3ba4ebd4dac77be152dfee13?s=42&d=mm&r=g
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e284cde35ecef32348b6fe06e9b93f163be2efe3039a139dc3adf5eb9af6abf

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 04 Jul 2021 05:48:10 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="1cb0627c3ba4ebd4dac77be152dfee13.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/1cb0627c3ba4ebd4dac77be152dfee13?s=42&d=mm&r=g>; rel="canonical"
content-length
1033
expires
Sun, 04 Jul 2021 05:53:10 GMT
f88c7e6510e02c88cbee6d851f12cbc3
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/f88c7e6510e02c88cbee6d851f12cbc3?s=42&d=mm&r=g
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8879c7fe64d3f6901d48a8f6a91f1ded556909fd68e7a85d83cb7d17f0c566ae

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 04 Jul 2021 05:48:10 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f88c7e6510e02c88cbee6d851f12cbc3.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f88c7e6510e02c88cbee6d851f12cbc3?s=42&d=mm&r=g>; rel="canonical"
content-length
1033
expires
Sun, 04 Jul 2021 05:53:10 GMT
c9dc4c1efb5827130b1364fff33ee96b
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/c9dc4c1efb5827130b1364fff33ee96b?s=42&d=mm&r=g
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e284cde35ecef32348b6fe06e9b93f163be2efe3039a139dc3adf5eb9af6abf

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 04 Jul 2021 05:48:10 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="c9dc4c1efb5827130b1364fff33ee96b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/c9dc4c1efb5827130b1364fff33ee96b?s=42&d=mm&r=g>; rel="canonical"
content-length
1033
expires
Sun, 04 Jul 2021 05:53:10 GMT
skip-link-focus-fix.js
shells.systems/wp-content/themes/thesimplest/assets/js/
1 KB
1 KB
Script
General
Full URL
https://shells.systems/wp-content/themes/thesimplest/assets/js/skip-link-focus-fix.js?ver=1.0
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e73b6b648c5083d05a0fb212f636878a447987e1dc5c575dbba15c57d324fcc

Request headers

:path
/wp-content/themes/thesimplest/assets/js/skip-link-focus-fix.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Dec 2018 22:05:48 GMT
server
cloudflare
age
6750
etag
W/"db3-500-57dcbcca5d370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y8oP2Lr1kO%2F1MZlg%2BE55XbHNgAshrm0HQEjrsCCVhiqV7eGhv7HVm2mF4%2FYqwrSbchX0J9UF0BRzpx8WkYJ5kk%2BbomotPbxJB0YMrd0yUSrV0gQKq0ElyOfulbDGNC6THUcXc2W7eHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024deea2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.min.js
shells.systems/wp-content/themes/thesimplest/assets/js/
36 KB
10 KB
Script
General
Full URL
https://shells.systems/wp-content/themes/thesimplest/assets/js/bootstrap.min.js?ver=3.3.7
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path
/wp-content/themes/thesimplest/assets/js/bootstrap.min.js?ver=3.3.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Dec 2018 22:05:48 GMT
server
cloudflare
age
6750
etag
W/"db2-90b5-57dcbcca5d370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bWQFvWxhsFBD7G2rwI0mckK%2FLnuiEmzj0yQ%2FX58vKolkVlg1%2FJ7k8%2FcWGezgqfD7CU5tp3LQlosPCIZzR0ScR3mnx8Wz6GqJlSBRyOxCbmfIG0%2FerPh2CqlHynWdrUCu0qOW4nEtl3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024df062c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
comment-reply.min.js
shells.systems/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://shells.systems/wp-includes/js/comment-reply.min.js?ver=5.0.2
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Oct 2018 04:11:25 GMT
server
cloudflare
age
3990
etag
W/"86d-436-577d80c351540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pL1HNXsWHGLOqCt5oG8AUL%2BDLonl9HMZgD%2FspagWwKlC194UstCWGXvDqOADZWmYKQ%2Fo%2BdKAZt29n0orcdTYnV2AZtHAVMMj9yA2o8OtdzVpqluc632t9F2DnLEKrHP6x6RXUThZIro%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024ff272c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
main.js
shells.systems/wp-content/themes/thesimplest/assets/js/
10 KB
3 KB
Script
General
Full URL
https://shells.systems/wp-content/themes/thesimplest/assets/js/main.js?ver=1.0
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
608c34a8a593eb8567534306f313bece8e821a39c98b48347b6eefd94c46d54d

Request headers

:path
/wp-content/themes/thesimplest/assets/js/main.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Dec 2018 22:05:48 GMT
server
cloudflare
age
6750
etag
W/"db1-2692-57dcbcca5d370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0pOQw8kvsAN3yfRyJeqO6wIn7Mm%2FkgtVzgHhMwSwPIrizwW%2BkKZqJ5In%2BV637ObeOC2JZsYT%2Bzh%2BbrghZMYfm7ZKGhUif%2BmPHcg4jzUYaYuSyWC0bMH4IL0eiIYq0HQdHZuMkL%2BdoLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024ff292c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wp-embed.min.js
shells.systems/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://shells.systems/wp-includes/js/wp-embed.min.js?ver=5.0.2
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Oct 2018 04:00:23 GMT
server
cloudflare
age
6749
etag
W/"95b-57b-577ec029723c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LW3XbVJrlCkRjpAk0cY%2B%2BYeBPr2h%2BmJgrdn6xUBo5ptjWHguRiiRy%2FdyvfHDS1ZhyAxbLarglqW4Mq1wJGc%2FMzP0Js65MNgM2PetaujjBsHJLAKdwOVxjJXBHwcRrU1xGYivLSXVGJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024ff2b2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
form.js
shells.systems/wp-content/plugins/akismet/_inc/
700 B
814 B
Script
General
Full URL
https://shells.systems/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

:path
/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shells.systems
referer
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Mar 2021 21:10:45 GMT
server
cloudflare
age
4720
etag
W/"5f1-2bc-5be1261f36c68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2uvqWco8BnvJMdJAAPJcsH30G6jRS3vHh7CE%2BUNAcgSBYIhU%2F6MYbfWZ4gh1P133Y94PGioR7LxnBAyxI9w91oxQmaLA67RZI42HT1aLmUg9dCtCX21aqryQ%2BROe1Ajt%2FMpFyrLUAN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024ff7a2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38782884-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
405
date
Sun, 04 Jul 2021 05:41:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sun, 04 Jul 2021 07:41:25 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-38782884-3&cv=1&v=3&t=t&pid=416618361&rv=6u0&es=1&e=gtm.init_consent&eid=1&tc=1&z=0
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 05:48:10 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-38782884-3&cv=1&v=3&t=t&pid=416618361&rv=6u0&es=1&e=gtm.init&eid=2&tc=1&z=0
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 05:48:10 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shells.systems
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 12:34:44 GMT
x-content-type-options
nosniff
age
321206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 12:34:44 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shells.systems
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 11:45:40 GMT
x-content-type-options
nosniff
age
324150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 11:45:40 GMT
fontawesome-webfont.woff2
shells.systems/wp-content/themes/thesimplest/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://shells.systems/wp-content/themes/thesimplest/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: shells.systems
URL: https://shells.systems/wp-content/themes/thesimplest/assets/css/font-awesome.min.css?ver=4.7.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Request headers

:path
/wp-content/themes/thesimplest/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://shells.systems
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
shells.systems
referer
https://shells.systems/wp-content/themes/thesimplest/assets/css/font-awesome.min.css?ver=4.7.0
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 05:48:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Dec 2018 22:05:48 GMT
server
cloudflare
age
6749
etag
W/"da6-12d68-57dcbcca5cba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1ocDaI5Jxv86B%2Bkknp8%2FYUufZrtMifdK39h6cFaiwVbj5OVwO9Es5XB2kTzRSFUgeNcUZUe1DIBCqy%2FJDDa7jsbVbA%2Fh8%2B9dAC%2BiG5a1Ohk0s3vUgKkgYFLyOxtBgSByOSwPz9mkMd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66961024ff7b2c2e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shells.systems
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 05:48:37 GMT
x-content-type-options
nosniff
age
345573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7844
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:45 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 05:48:37 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shells.systems
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 00:12:38 GMT
x-content-type-options
nosniff
age
279332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jul 2022 00:12:38 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shells.systems
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 05:20:26 GMT
x-content-type-options
nosniff
age
347264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 05:20:26 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shells.systems
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:35:26 GMT
x-content-type-options
nosniff
age
342764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32960
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 06:35:26 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v12/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=5.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shells.systems
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 08:00:56 GMT
x-content-type-options
nosniff
age
337634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29400
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 08:00:56 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1286691872&t=pageview&_s=1&dl=https%3A%2F%2Fshells.systems%2Freviving-leaked-muddyc3-used-by-muddywater-apt%2F&ul=en-us&de=UTF-8&dt=Reviving%20MuddyC3%20Used%20by%20MuddyWater%20(IRAN)%20APT%20-%20Shells.Systems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=26141168&gjid=872874226&cid=1704197045.1625377691&tid=UA-38782884-3&_gid=958155758.1625377691&_r=1&gtm=2ou6u0&z=518422073
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 05:48:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shells.systems
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1f600.svg
s.w.org/images/core/emoji/11/svg/
450 B
649 B
Image
General
Full URL
https://s.w.org/images/core/emoji/11/svg/1f600.svg
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
41478e547c5b6ad66bfcf91ead5350fa0bc247956c3ff912020327e3e9ad0d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Sun, 04 Jul 2021 05:48:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jun 2018 13:09:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
450
expires
Thu, 31 Dec 2037 23:55:55 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-38782884-3&cv=1&v=3&t=t&pid=416618361&rv=6u0&es=1&e=gtm.js&eid=3&tc=1&tr=1rep.5rep&epr=1UA&ti=1rep.1rep&z=0
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 05:48:10 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-38782884-3&cv=1&v=3&t=t&pid=416618361&rv=6u0&es=1&e=gtm.dom&eid=5&tc=1&z=0
Requested by
Host: shells.systems
URL: https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 05:48:10 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-38782884-3&cv=1&v=3&t=t&pid=416618361&rv=6u0&e=gtm.js&eid=3&tc=1&epr=2UA&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shells.systems/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 05:48:10 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery object| FOOBOX object| FooBox object| jQuery112409818850512097206 object| addComment object| thesimplest_screenReaderText object| wp object| gaplugins object| gaGlobal object| gaData object| twemoji object| ak_js object| commentForm undefined| replyRowContainer undefined| children

3 Cookies

Domain/Path Name / Value
.shells.systems/ Name: _gat_gtag_UA_38782884_3
Value: 1
.shells.systems/ Name: _gid
Value: GA1.2.958155758.1625377691
.shells.systems/ Name: _ga
Value: GA1.2.1704197045.1625377691

1 Console Messages

Source Level URL
Text
console-api log URL: https://shells.systems/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
