themuddyhoof.co.uk Open in urlscan Pro
69.49.230.31  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response themuddyhoof.co.uk/secure-file/File-4635284/	7 KB 7 KB	883ms 138ms	Document text/html	69.49.230.31 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.230.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS cymbells.jp.net Software Apache / Resource Hash 6b02f88fd2e3829957cc5e2822a4bdce90bcbf87ec63745edbc5b71a02c2c359 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 6673 Content-Type text/html Date Sat, 13 Aug 2022 12:03:04 GMT Keep-Alive timeout=5, max=100 Last-Modified Wed, 27 Jul 2022 19:32:32 GMT Server Apache
GET H/1.1	200 OK	ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Show response www.ameritas.com/	248 KB 93 KB	1013ms 169ms	Script text/javascript	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash f701596d4e3c046c6fb33d0b9d090e80c194144820d365dbedf21ed091e5f1ad Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:05 GMT Content-Encoding gzip X-Content-Type-Options nosniff NEL {"report_to":"default","max_age":31536000,"include_subdomains":true} Content-Security-Policy-Report-Only default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; media-src 'self'; frame-src 'self'; form-action 'self'; base-uri 'self'; report-uri https://ameritas.report-uri.com/r/d/csp/wizard; report-to default Report-To {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ameritas.report-uri.com/a/d/g"}],"include_subdomains":true} Connection keep-alive Content-Length 94141 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Server Server X-Frame-Options sameorigin Vary Accept-Encoding Strict-Transport-Security max-age=63072000; includeSubDomains Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin *.ameritas.com Cache-Control public, max-age=3600, public Permissions-Policy accelerometer=(),camera=(),fullscreen=(self),geolocation=(),microphone=(),payment=(),sync-xhr=(self) X-Correlation-ID i1X-HVVN-WrLk Expires Sat, 13 Aug 2022 13:03:05 GMT
GET H/1.1	200 OK	bootstrap.min.css www.ameritas.com/include/css/	118 KB 29 KB	1041ms 197ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/css/bootstrap.min.css Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:06 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="567159024" Content-Length 27676 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:10 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0d3c2e548cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID bMt-6ayH-l92M Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	font-awesome.min.css www.ameritas.com/include/css/	30 KB 10 KB	1028ms 185ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/css/font-awesome.min.css Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:06 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="-1900243327" Content-Length 8332 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:10 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0d3c2e548cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID dtB-mMCr-Fhga Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	bootstrap-table.min.css www.ameritas.com/include/css/	6 KB 4 KB	1035ms 192ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/css/bootstrap-table.min.css Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash caa21e230bb6013532eec8e448b2e0be1c4d16808fdd9bd25395e3c602e75609 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:06 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="-675670142" Content-Length 2225 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:10 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0d3c2e548cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID f0r-7Mqc-uLrL Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	style_alic.css www.ameritas.com/include/resources/	70 KB 46 KB	1043ms 200ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/resources/style_alic.css Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash ff6b79f4f2bc6efdf85009b786853ed86c694b5065dc23126b99b902b5438e6e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:06 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="185060085" Content-Length 44650 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 11 Aug 2017 20:22:30 GMT Server Server X-Frame-Options SAMEORIGIN ETag "07678edf12d31:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID ekn-kZ4K-AUOp Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	ameritas.css www.ameritas.com/include/resources/	280 B 2 KB	1046ms 203ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/resources/ameritas.css Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash c8aea846f85981c62eae80293a80dc4d857746c7fffd5045a78eb5c499d9ff3b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:06 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="-52000768" Content-Length 317 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Tue, 13 Jun 2017 13:43:22 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0f9e854be4d21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID dnW-rxTb-JnrY Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	jquery.min.js Show response www.ameritas.com/include/js/	85 KB 40 KB	1224ms 193ms	Script application/javascript	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/js/jquery.min.js Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:06 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="292240763" Content-Length 38743 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:12 GMT Server Server X-Frame-Options SAMEORIGIN ETag "00f4e648cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID byI-8Y30-TvtH Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 968 B	84ms 42ms	Script text/javascript	2404:6800:4004:820::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f6e9ee48b359abb3b8bef3f5999455ad94042ece3154a2fd44e4f7e3eaec8047 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Sat, 13 Aug 2022 12:03:06 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Sat, 13 Aug 2022 12:03:06 GMT
GET H2	200	800px-Logo_Microsoft_Office_365_(2013-2019).svg.png upload.wikimedia.org/wikipedia/commons/thumb/c/c3/Logo_Microsoft_Office_365_(2013-2019).svg/	19 KB 21 KB	455ms 156ms	Image image/png	2001:df2:e500:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/c/c3/Logo_Microsoft_Office_365_(2013-2019).svg/800px-Logo_Microsoft_Office_365_(2013-2019).svg.png?20190416222239 Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:df2:e500:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/8.0.8 / Resource Hash bf061b90dd20707fd3d8c6e023196954c4b64ad8988e6afbecb05aefa86088f7 Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Sat, 13 Aug 2022 08:03:52 GMT nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 14353 x-cache-status hit-front x-cache cp5004 miss, cp5005 hit/1 content-disposition inline;filename*=UTF-8''Logo_Microsoft_Office_365_%282013-2019%29.svg.png server-timing cache;desc="hit-front", host;desc="cp5005" content-length 19907 x-client-ip 2001:ac8:40:b5::5e accept-ranges bytes last-modified Sun, 28 Mar 2021 16:46:32 GMT server ATS/8.0.8 etag 0c14ba580ad7dd31a188dda3b370c3df strict-transport-security max-age=106384710; includeSubDomains; preload report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache permissions-policy interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org") accept-ch Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version timing-allow-origin *
GET H/1.1	200 OK	bootstrap.min.js Show response www.ameritas.com/include/js/	36 KB 15 KB	197ms 197ms	Script application/javascript	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/js/bootstrap.min.js Requested by Host: themuddyhoof.co.uk URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://themuddyhoof.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Sat, 13 Aug 2022 12:03:06 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="658269261" Content-Length 13045 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:12 GMT Server Server X-Frame-Options SAMEORIGIN ETag "00f4e648cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID jVj-nruI-ic5H Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET		d5af76d8-a90b-4527-b3a3-182207cc3250.woff www.ameritas.com/include/fonts/alic/	0 0
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/	383 KB 153 KB	90ms 4ms	Script text/javascript	2404:6800:4004:823::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://themuddyhoof.co.uk/ Origin https://themuddyhoof.co.uk accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 09 Aug 2022 00:05:13 GMT content-encoding gzip x-content-type-options nosniff age 388673 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 155978 x-xss-protection 0 last-modified Mon, 08 Aug 2022 08:12:45 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 09 Aug 2023 00:05:13 GMT
GET H/1.1	404 Not Found	sa-alerts Show response themuddyhoof.co.uk/wps/wcm/connect/utilities/globalitems/	315 B 515 B	138ms 138ms	XHR text/html	69.49.230.31 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://themuddyhoof.co.uk/wps/wcm/connect/utilities/globalitems/sa-alerts?srv=cmpnt&source=library&cmpntname=alert-public-alic Requested by Host: www.ameritas.com URL: https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.230.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS cymbells.jp.net Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Accept text/html, */*; q=0.01 Referer https://themuddyhoof.co.uk/secure-file/File-4635284/ X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 x-dtpc -83$192186438_516h2vVRRISIFCWSLWWUMOTQHLNFEBKKQFACJK-0e0 Response headers Date Sat, 13 Aug 2022 12:03:05 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET		1d238354-d156-4dde-89ea-4770ef04b9f9.ttf www.ameritas.com/include/fonts/alic/	0 0
POST H/1.1	404 Not Found	rb_4d4e4829-fb85-4698-a437-c1b20a534b52 Show response themuddyhoof.co.uk/	315 B 515 B	138ms 138ms	XHR text/html	69.49.230.31 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://themuddyhoof.co.uk/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D83_sn_KJEO001MU19M9UDBQOQD0H2I7EBJ6NOH&svrid=-83&flavor=post&vi=VRRISIFCWSLWWUMOTQHLNFEBKKQFACJK-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fthemuddyhoof.co.uk%2Fsecure-file%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=3034444509&en=ebhyx2hs&end=1 Requested by Host: www.ameritas.com URL: https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.230.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS cymbells.jp.net Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://themuddyhoof.co.uk/secure-file/File-4635284/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sat, 13 Aug 2022 12:03:07 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
POST H/1.1	404 Not Found	rb_4d4e4829-fb85-4698-a437-c1b20a534b52 Show response themuddyhoof.co.uk/	315 B 515 B	137ms 137ms	XHR text/html	69.49.230.31 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://themuddyhoof.co.uk/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D83_sn_KJEO001MU19M9UDBQOQD0H2I7EBJ6NOH&svrid=-83&flavor=post&vi=VRRISIFCWSLWWUMOTQHLNFEBKKQFACJK-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fthemuddyhoof.co.uk%2Fsecure-file%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=58878096&en=ebhyx2hs&end=1 Requested by Host: www.ameritas.com URL: https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.49.230.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS cymbells.jp.net Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://themuddyhoof.co.uk/secure-file/File-4635284/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sat, 13 Aug 2022 12:03:09 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.ameritas.com

URL

https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

Domain

www.ameritas.com

URL

https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dT_ object| dtrum function| $ function| onSubmit function| validate number| posted function| validateData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ameritas.com/	1969-12-31 23:59:59	Name: X-Session-ID Value: 02c7026aa6-989a-44l8wlvQjg9yVkC5LmZzQ832By_h3P6DbbLYDT6ubufYk9NiW2Jjj1-FTNgcQIqv9ACnY
			.themuddyhoof.co.uk/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D83_sn_KJEO001MU19M9UDBQOQD0H2I7EBJ6NOH
			.themuddyhoof.co.uk/	1969-12-31 23:59:59	Name: rxVisitor Value: 1660392186449LFPDAS24JLUOM5O78BJI1DAIENC6EKSC
			.themuddyhoof.co.uk/	1969-12-31 23:59:59	Name: dtLatC Value: 373
			.themuddyhoof.co.uk/	1969-12-31 23:59:59	Name: dtSa Value: -
			.themuddyhoof.co.uk/	1969-12-31 23:59:59	Name: rxvt Value: 1660393987560|1660392186453
			.themuddyhoof.co.uk/	1969-12-31 23:59:59	Name: dtPC Value: -83$192186438_516h-vVRRISIFCWSLWWUMOTQHLNFEBKKQFACJK-0e0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://themuddyhoof.co.uk/wps/wcm/connect/utilities/globalitems/sa-alerts?srv=cmpnt&source=library&cmpntname=alert-public-alic Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Message: Access to font at 'https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff' from origin 'https://themuddyhoof.co.uk' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com', but only one is allowed.
network	error	URL: https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://themuddyhoof.co.uk/secure-file/File-4635284/ Message: Access to font at 'https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf' from origin 'https://themuddyhoof.co.uk' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com', but only one is allowed.
network	error	URL: https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://themuddyhoof.co.uk/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D83_sn_KJEO001MU19M9UDBQOQD0H2I7EBJ6NOH&svrid=-83&flavor=post&vi=VRRISIFCWSLWWUMOTQHLNFEBKKQFACJK-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fthemuddyhoof.co.uk%2Fsecure-file%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=3034444509&en=ebhyx2hs&end=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://themuddyhoof.co.uk/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D83_sn_KJEO001MU19M9UDBQOQD0H2I7EBJ6NOH&svrid=-83&flavor=post&vi=VRRISIFCWSLWWUMOTQHLNFEBKKQFACJK-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fthemuddyhoof.co.uk%2Fsecure-file%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=58878096&en=ebhyx2hs&end=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

themuddyhoof.co.uk
upload.wikimedia.org
www.ameritas.com
www.google.com
www.gstatic.com
www.ameritas.com
2001:df2:e500:ed1a::2:b
2404:6800:4004:820::2004
2404:6800:4004:823::2003
69.12.28.22
69.49.230.31
18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6b02f88fd2e3829957cc5e2822a4bdce90bcbf87ec63745edbc5b71a02c2c359
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
bf061b90dd20707fd3d8c6e023196954c4b64ad8988e6afbecb05aefa86088f7
c8aea846f85981c62eae80293a80dc4d857746c7fffd5045a78eb5c499d9ff3b
caa21e230bb6013532eec8e448b2e0be1c4d16808fdd9bd25395e3c602e75609
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
f6e9ee48b359abb3b8bef3f5999455ad94042ece3154a2fd44e4f7e3eaec8047
f701596d4e3c046c6fb33d0b9d090e80c194144820d365dbedf21ed091e5f1ad
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff6b79f4f2bc6efdf85009b786853ed86c694b5065dc23126b99b902b5438e6e