Report - ww12.axg2ywjul.xyz/?usid=20&utid=13658182141

Report Overview

Visited public
2024-12-19 09:38:57
Tags
URL
ww12.axg2ywjul.xyz/?usid=20&utid=13658182141
Finishing URL
ww12.axg2ywjul.xyz/?usid=20&utid=13658182141
IP / ASN
76.223.26.96
#16509 AMAZON-02
Title
axg2ywjul.xyz

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
syndicatedsearch.goog	unknown	2023-04-14	2023-09-25	2024-12-18	3.5 kB	71 kB	172.217.21.174
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2024-12-18	977 B	2.1 kB	142.250.74.129
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22	2024-12-18	481 B	12 kB	108.157.217.21
www.google.com	7	1997-09-15	2015-05-10	2024-12-18	435 B	148 kB	142.250.74.100
euob.netgreencolumn.com	unknown	2022-08-01	2023-10-21	2024-12-17	442 B	39 kB	54.240.174.99
ww12.axg2ywjul.xyz	unknown	2023-07-03	2024-08-04	2024-12-05	2.8 kB	30 kB	76.223.26.96
parking3.parklogic.com	unknown	2007-02-28	2023-05-10	2024-12-18	1.0 kB	3.1 kB	170.187.143.93
obseu.netgreencolumn.com	unknown	2022-08-01	2023-10-21	2024-12-17	5.4 kB	3.4 kB	54.75.69.192

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-19 09:38:33	low	54.75.69.192	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	ww12.axg2ywjul.xyz/?usid=20&utid=13658182141	ScriptElement	968 B	2023-03-08	2025-06-18
Pretty URL ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24 Last Seen2025-06-18 04:52 Times Seen96607 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	ww12.axg2ywjul.xyz/?usid=20&utid=13658182141	ScriptElement	7.9 kB	2024-12-19	2024-12-19
Pretty URL ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-19 09:38 Last Seen2024-12-19 09:38 Times Seen1 Hash 3c1d5bc0355a010896aa8f3dd04b14f0 08556d1cb4a6894d2b6f677892f0d1d0b9c4987f a8f8a80b0e9b552024c0ef164b58c4947eaaf2169687ebb00f7524e5e6c85e5a Loading...

	ww12.axg2ywjul.xyz/?usid=20&utid=13658182141	ScriptElement	669 B	2024-12-19	2024-12-19
Pretty URL ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-19 09:38 Last Seen2024-12-19 09:38 Times Seen1 Hash f1851617c835fcca13a56bc91ecec465 c2ff296dcaeff8e4becef96a3d941ec4ba84860f fb8c77d0557bbcff33ff0d80489be414eb1a560109038c4be33796df19b583bc Loading...

	euob.netgreencolumn.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js	ScriptElement	107 kB	2024-12-18	2024-12-20
Pretty URL euob.netgreencolumn.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js IP 54.240.174.99 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-18 12:13 Last Seen2024-12-20 23:36 Times Seen909 Hash 0860061f14f3ff03e13b972836459b26 5860eada2fc18b2043dda45d0f97b32c8f5cdbe4 27ffe454f22660ecb1d424219321dd8aaac242dc26512651945ce8765cf2c403 Loading...

	parking3.parklogic.com/page/enhance.js?pcId=12&domain=axg2ywjul.xyz	ScriptElement	2.3 kB	2024-12-19	2024-12-19
Pretty URL parking3.parklogic.com/page/enhance.js?pcId=12&domain=axg2ywjul.xyz IP 170.187.143.93 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 02:29 Last Seen2024-12-19 23:29 Times Seen3 Hash 44ac63ca6f0c18e875fe276f92c099ec c5f975a1910921e31cf55a5a26eb9de0af3cee49 7a27f87147cb9a334e3783e8f0695cbfd47f9329e974beebb1b082c8459f6520 Loading...

	syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141	ScriptElement	871 B	2024-12-19	2024-12-19
Pretty URL syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141 IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-19 09:38 Last Seen2024-12-19 09:38 Times Seen1 Hash 9877365d52a0c03f22a6839473532edd 435dbcf9386bece0a98c3bc7774504045997579e 43d859f48e899a3800f6949d898f720e12f54c942f64d760f4e199a2bfbf6f84 Loading...

	syndicatedsearch.goog/adsense/domains/caf.js	ScriptElement	147 kB	2024-12-12	2025-01-08
Pretty URL syndicatedsearch.goog/adsense/domains/caf.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 23:21 Last Seen2025-01-08 16:41 Times Seen1992 Hash 5c2922039da0f64eac7904b0dfa46574 fd7b5b2f640d8dc71cc974bfc38b3b66eba62c15 b9a0f443f6e522b92409b3d3073b18349fab37718e477ff09e1c35e680cc4907 Loading...

	ww12.axg2ywjul.xyz/?usid=20&utid=13658182141	ScriptElement	40 B	2024-05-06	2025-02-18
Pretty URL ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-06 14:00 Last Seen2025-02-18 15:14 Times Seen28582 Hash 53d0dd97ba61304ca54789b815e61272 6c736ccfa75ef3781c16c50a7734b7e48e13627b bf501fe693bbbfdd3cc98546a1aad9f6111ac826f59ef1ee37da5101497dc9b7 Loading...

	ww12.axg2ywjul.xyz/?usid=20&utid=13658182141	ScriptElement	483 B	2024-01-04	2025-06-18
Pretty URL ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-04 10:26 Last Seen2025-06-18 04:52 Times Seen93603 Hash 18f2edc58d8a7b9e6b82454e8658c157 e5dfdd0fa61b3a5ef68dab382a0ba93e9e7b67fb 2d9b07a0704d92dda4deae88bc582aeb659923c8d44d0e7362e13cb28d88d250 Loading...

	www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true	ScriptElement	147 kB	2024-12-13	2025-01-09
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 03:39 Last Seen2025-01-09 18:40 Times Seen257 Hash a6382fcb85727be00d4a36a4e4ad29eb 5e4ed17a42f9ff390c9e9bd70332ec8736d0c848 c2d3bbd3a63731a11fce565c3eccade1d7527bb29391102b7742daa71ce86009 Loading...

	ww12.axg2ywjul.xyz/?usid=20&utid=13658182141	ScriptElement	50 B	2024-01-04	2025-06-18
Pretty URL ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-04 10:26 Last Seen2025-06-18 04:52 Times Seen93492 Hash 1b334e0123cf0cb113092022fb726782 45abb42a6680499daa10d83d2859329de1843de2 42591f96b9a41a7e2e5ecd0240dd7fecdcf03ef8454b57c68f08697474a4b579 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b326b5062b2f0e69046810717534cb09	4 B	2023-03-07 01:03	2025-06-18 04:52
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-06-18 04:52 Times Seen116896 Hash b326b5062b2f0e69046810717534cb09 5ffe533b830f08a0326348a9160afafc8ada44db b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Loading...

	#2 Eval - e5d8c139688b25ef77b263d88ea99150	7 B	2023-03-07 01:20	2025-06-18 04:52
Pretty Observations First Seen2023-03-07 01:20 Last Seen2025-06-18 04:52 Times Seen108732 Hash e5d8c139688b25ef77b263d88ea99150 7abc9c61c4966543f66d150c0155bfac575f86a7 53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148 Loading...

	#3 Eval - 889ca9e2c79a3ce7aaadbcdfd0ce4ef5	62 B	2023-03-07 01:20	2025-06-18 04:52
Pretty Observations First Seen2023-03-07 01:20 Last Seen2025-06-18 04:52 Times Seen108688 Hash 889ca9e2c79a3ce7aaadbcdfd0ce4ef5 b05c2c051bae71f80cb8c289e5a42d4f96d323fa 6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8 Loading...

	#4 Eval - 6559111e4eae643ce013ce0821e91a02	25 B	2023-03-07 01:20	2025-06-18 04:52
Pretty Observations First Seen2023-03-07 01:20 Last Seen2025-06-18 04:52 Times Seen108654 Hash 6559111e4eae643ce013ce0821e91a02 fa1086c9aa2cb2d14f5c13bceefe21511bcdae5a d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400 Loading...

HTTP Transactions (23)

	URL	IP	Response	Size
	euob.netgreencolumn.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js	54.240.174.99	200 OK	39 kB
URL GET HTTP/2 euob.netgreencolumn.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js IP 54.240.174.99:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerAmazon Subject.netgreencolumn.com Fingerprint37:0F:62:6F:89:67:64:A4:86:1E:1B:D0:1E:E4:8C:2D:D5:7E:D4:0B ValidityTue, 18 Jun 2024 00:00:00 GMT - Thu, 17 Jul 2025 23:59:59 GMT File type data Size 39 kB (38917 bytes) Hash 0860061f14f3ff03e13b972836459b26 5860eada2fc18b2043dda45d0f97b32c8f5cdbe4 27ffe454f22660ecb1d424219321dd8aaac242dc26512651945ce8765cf2c403 HTTP Headers `GET /sxp/i/c4601e5f6cdd73216cafdd5af209201c.js HTTP/1.1 Host: euob.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 content-length: 38917 content-encoding: gzip server: Caddy date: Wed, 18 Dec 2024 23:36:42 GMT cache-control: max-age=43200 expires: Thu, 19 Dec 2024 11:36:38 GMT etag: "1a089-WGDq2i/BiyBD3aRdD5ezLI9c2+Q" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: HYIaDCxNNvjB9F4r4S30hEctr5H6rxwrUW-63tqaUwXQQF_eqzpRdA== age: 36114 X-Firefox-Spdy: h2

	ww12.axg2ywjul.xyz/favicon.ico	76.223.26.96	200 OK	0 B
URL GET HTTP/2 ww12.axg2ywjul.xyz/favicon.ico IP 76.223.26.96:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerLet's Encrypt Subjectww12.axg2ywjul.xyz Fingerprint32:38:50:C2:1E:75:09:D3:5A:FF:13:19:42:A0:38:4B:BB:24:3F:84 ValidityThu, 28 Nov 2024 07:47:16 GMT - Wed, 26 Feb 2025 07:47:15 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ww12.axg2ywjul.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes alt-svc: h3=":50944"; ma=2592000 content-type: image/x-icon date: Thu, 19 Dec 2024 09:38:33 GMT etag: "670f7248-0" last-modified: Wed, 16 Oct 2024 07:59:04 GMT server: Caddy, nginx content-length: 0 X-Firefox-Spdy: h2`

	ww12.axg2ywjul.xyz/track.php?domain=axg2ywjul.xyz&toggle=browserjs&uid=MTczNDYwMTExMi4zNDE5Ojc2YTQ1YWI2MjNkYzJmNmRjYjI0MWQ2OTY5NTc3ZGY2MjhiNmZmN2EzMTVmZDhmYTA5OTYwNWUxMjY3OTk1ODg6Njc2M2U5OTg1Mzc3MQ%3D%3D	76.223.26.96	200 OK	11 kB
URL GET HTTP/2 ww12.axg2ywjul.xyz/track.php?domain=axg2ywjul.xyz&toggle=browserjs&uid=MTczNDYwMTExMi4zNDE5Ojc2YTQ1YWI2MjNkYzJmNmRjYjI0MWQ2OTY5NTc3ZGY2MjhiNmZmN2EzMTVmZDhmYTA5OTYwNWUxMjY3OTk1ODg6Njc2M2U5OTg1Mzc3MQ%3D%3D IP 76.223.26.96:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerLet's Encrypt Subjectww12.axg2ywjul.xyz Fingerprint32:38:50:C2:1E:75:09:D3:5A:FF:13:19:42:A0:38:4B:BB:24:3F:84 ValidityThu, 28 Nov 2024 07:47:16 GMT - Wed, 26 Feb 2025 07:47:15 GMT File type gzip compressed data, max speed, from Unix Size 11 kB (11395 bytes) Hash 8feec8bd8c5937092f7d8abb36fcfed5 7749bd3d7052a59a8cd3f43c95db719cbfe9a035 7480f34591cf0b7fbab5546194b2d1bc83ac4f1a290ed640a64d2f4f379bae04 HTTP Headers GET /track.php?domain=axg2ywjul.xyz&toggle=browserjs&uid=MTczNDYwMTExMi4zNDE5Ojc2YTQ1YWI2MjNkYzJmNmRjYjI0MWQ2OTY5NTc3ZGY2MjhiNmZmN2EzMTVmZDhmYTA5OTYwNWUxMjY3OTk1ODg6Njc2M2U5OTg1Mzc3MQ%3D%3D HTTP/1.1 Host: ww12.axg2ywjul.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime: 30 access-control-allow-origin: * alt-svc: h3=":50944"; ma=2592000 content-encoding: gzip content-type: text/html; charset=UTF-8 date: Thu, 19 Dec 2024 09:38:33 GMT server: Caddy, nginx vary: Accept-Encoding x-custom-track: browserjs X-Firefox-Spdy: h2`

	parking3.parklogic.com/page/scribe.php?pcId=12&domain=axg2ywjul.xyz&pId=2447&usid=20&utid=13658182141&query=null&domainJs=ww12.axg2ywjul.xyz&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null	170.187.143.93	200 OK	492 B
URL GET HTTP/2 parking3.parklogic.com/page/scribe.php?pcId=12&domain=axg2ywjul.xyz&pId=2447&usid=20&utid=13658182141&query=null&domainJs=ww12.axg2ywjul.xyz&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null IP 170.187.143.93:443 ASN #63949 Akamai Connected Cloud Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerSectigo Limited Subject.parklogic.com FingerprintA5:25:E3:1A:B4:C8:32:BD:0D:BA:C8:B4:19:22:F9:75:D4:D3:88:3F ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT File type gzip compressed data, max speed, from Unix Size 492 B (492 bytes) Hash 5a39081199592034cc007791cf6e827d 6ea0bf782c1d05e96f72e5a817ded42040a20cd2 9acc249da372c9e2fad6a12232244bb51b139b10d759ae1ec841be840d48e1ee HTTP Headers GET /page/scribe.php?pcId=12&domain=axg2ywjul.xyz&pId=2447&usid=20&utid=13658182141&query=null&domainJs=ww12.axg2ywjul.xyz&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1 Host: parking3.parklogic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ww12.axg2ywjul.xyz/ Origin: https://ww12.axg2ywjul.xyz DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 19 Dec 2024 09:38:33 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	obseu.netgreencolumn.com/ct	54.75.69.192	200 OK	1.1 kB
URL POST HTTP/2 obseu.netgreencolumn.com/ct IP 54.75.69.192:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerZeroSSL Subject.netgreencolumn.com FingerprintA9:B5:E3:B5:6F:A5:EB:77:45:F5:40:42:76:3A:DF:E2:AF:62:7C:1B ValidityTue, 17 Dec 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT File type JSON text data Size 1.1 kB (1119 bytes) Hash efbd609369111389553fff9d87093306 bd35b5ff6ce1bd12a0f8422037562c237711ea56 817043959080f987fec1c46752fd848acc3264821059c19b9eb50f338c64f18f HTTP Headers `POST /ct HTTP/1.1 Host: obseu.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 4178 Origin: https://ww12.axg2ywjul.xyz DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin: https://ww12.axg2ywjul.xyz cache-control: no-cache, no-store, must-revalidate content-encoding: gzip content-type: application/json date: Thu, 19 Dec 2024 09:38:33 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT pragma: no-cache set-cookie: cg_uuid=521df612d80ae3351adac5ac1c950c6d; Max-Age=29030400; Path=/; Expires=Thu, 20 Nov 2025 09:38:33 GMT; HttpOnly; Secure; SameSite=None timing-allow-origin: https://ww12.axg2ywjul.xyz content-length: 1119 X-Firefox-Spdy: h2

	syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141	172.217.21.174	200 OK	3.3 kB
URL GET HTTP/2 syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141 IP 172.217.21.174:443 ASN #15169 GOOGLE Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8 ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (14303) Size 3.3 kB (3251 bytes) Hash 1d864cb89e573c1968aaa1ba46a13021 0e26e9967e106722a5fd0280ac50d9279847b5a7 bb408a4ee6a3193c29239fff390c50be06efbed801eaa4d9aeb40eecdf7db0a5 HTTP Headers GET /afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141 HTTP/1.1 Host: syndicatedsearch.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Thu, 19 Dec 2024 09:38:33 GMT expires: Thu, 19 Dec 2024 09:38:33 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vxmtw_QK4V6uX3LG0QB0CA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 3251 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	obseu.netgreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001269eac135eb468b9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59168a6f2617071a10acf9f29f674c8082dd512a3e19aa707755d238dc67c6556454709603535e660d5ac6ed6d1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3704b7b27df82282288d55d1d2a47745409a78e2b337905a5f84f788af8a028c4f247604379b9aca6939974b6c1cc1fa90a8e522c3a89acdaf6fc2b8f9ba56a952d5f99aecb655f4cb23d71e0d95e7be19db82ddb0bfd46a4c15c9b1bc6ce7cc23d3d979125d96191c0f4e1dbbaf1132bea3df4eeab6a0e6aaed96290b440bb595452c55748fbafc38681fcc56898649089b6c820bd323b24837c2c8484965e6788a833e541e6990dce37a17e4e4d5fc033ad0ed9c0ee31f88b3bd317e28ccad06a82191c2df11e5a137b4a5fc9a764b853ffcac77ce5d125b3d028daa3e7f57a83a6cc592626c8a61e0a9ba7071a5acdbfb066a63286ee40f2e12cba60bd329d54c809d4ae38db0721e4ae8e7b393f611f370d5c13c7fd9e38975be357445128e6b548dc9c1e0cffb9deb9a22485b6a282e385ebb5340d6b803cfad24b7291002042837157636de87aa8751dc4ebc0628b63c97bc1fd709ffb0dc82574667c5d1d52fed2f8c9783e0cce0a4f87d2c7bab7c957039eb1bc7c95d1193b8eda714f2d90d1b81766c374821e8d06f17ddb44c9c27895a620a0dfd1c092477efdb46a27d30af9dee1ef4fc332564352cd371d42bba1439db841888b91c954cd858f2f1c771aef2fa104b647f2dc3cd4204920413a7f77fd48cedc7147b36fdcb5aa768a9e5f86746fbd4e3f7fcaaac30047ef73fd92028544624258b63a2c82afd068d74567ccd001abdec1edd101c857502216f2733940c5d3751cc860b8ad9a74d184fe040b2dfe297545&cri=VBakFiGawY&ts=445&cb=1734601113982	54.75.69.192	200 OK	43 B
URL GET HTTP/2 obseu.netgreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001269eac135eb468b9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59168a6f2617071a10acf9f29f674c8082dd512a3e19aa707755d238dc67c6556454709603535e660d5ac6ed6d1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3704b7b27df82282288d55d1d2a47745409a78e2b337905a5f84f788af8a028c4f247604379b9aca6939974b6c1cc1fa90a8e522c3a89acdaf6fc2b8f9ba56a952d5f99aecb655f4cb23d71e0d95e7be19db82ddb0bfd46a4c15c9b1bc6ce7cc23d3d979125d96191c0f4e1dbbaf1132bea3df4eeab6a0e6aaed96290b440bb595452c55748fbafc38681fcc56898649089b6c820bd323b24837c2c8484965e6788a833e541e6990dce37a17e4e4d5fc033ad0ed9c0ee31f88b3bd317e28ccad06a82191c2df11e5a137b4a5fc9a764b853ffcac77ce5d125b3d028daa3e7f57a83a6cc592626c8a61e0a9ba7071a5acdbfb066a63286ee40f2e12cba60bd329d54c809d4ae38db0721e4ae8e7b393f611f370d5c13c7fd9e38975be357445128e6b548dc9c1e0cffb9deb9a22485b6a282e385ebb5340d6b803cfad24b7291002042837157636de87aa8751dc4ebc0628b63c97bc1fd709ffb0dc82574667c5d1d52fed2f8c9783e0cce0a4f87d2c7bab7c957039eb1bc7c95d1193b8eda714f2d90d1b81766c374821e8d06f17ddb44c9c27895a620a0dfd1c092477efdb46a27d30af9dee1ef4fc332564352cd371d42bba1439db841888b91c954cd858f2f1c771aef2fa104b647f2dc3cd4204920413a7f77fd48cedc7147b36fdcb5aa768a9e5f86746fbd4e3f7fcaaac30047ef73fd92028544624258b63a2c82afd068d74567ccd001abdec1edd101c857502216f2733940c5d3751cc860b8ad9a74d184fe040b2dfe297545&cri=VBakFiGawY&ts=445&cb=1734601113982 IP 54.75.69.192:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerZeroSSL Subject.netgreencolumn.com FingerprintA9:B5:E3:B5:6F:A5:EB:77:45:F5:40:42:76:3A:DF:E2:AF:62:7C:1B ValidityTue, 17 Dec 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash db04c7b378cb2db912c3ba8a5a774ee3 dee34bd86c3484d31002182aa2b7caa4699126b8 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a HTTP Headers GET /tracker/tc_imp.gif?e=37dfbd8ee84e001269eac135eb468b9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59168a6f2617071a10acf9f29f674c8082dd512a3e19aa707755d238dc67c6556454709603535e660d5ac6ed6d1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3704b7b27df82282288d55d1d2a47745409a78e2b337905a5f84f788af8a028c4f247604379b9aca6939974b6c1cc1fa90a8e522c3a89acdaf6fc2b8f9ba56a952d5f99aecb655f4cb23d71e0d95e7be19db82ddb0bfd46a4c15c9b1bc6ce7cc23d3d979125d96191c0f4e1dbbaf1132bea3df4eeab6a0e6aaed96290b440bb595452c55748fbafc38681fcc56898649089b6c820bd323b24837c2c8484965e6788a833e541e6990dce37a17e4e4d5fc033ad0ed9c0ee31f88b3bd317e28ccad06a82191c2df11e5a137b4a5fc9a764b853ffcac77ce5d125b3d028daa3e7f57a83a6cc592626c8a61e0a9ba7071a5acdbfb066a63286ee40f2e12cba60bd329d54c809d4ae38db0721e4ae8e7b393f611f370d5c13c7fd9e38975be357445128e6b548dc9c1e0cffb9deb9a22485b6a282e385ebb5340d6b803cfad24b7291002042837157636de87aa8751dc4ebc0628b63c97bc1fd709ffb0dc82574667c5d1d52fed2f8c9783e0cce0a4f87d2c7bab7c957039eb1bc7c95d1193b8eda714f2d90d1b81766c374821e8d06f17ddb44c9c27895a620a0dfd1c092477efdb46a27d30af9dee1ef4fc332564352cd371d42bba1439db841888b91c954cd858f2f1c771aef2fa104b647f2dc3cd4204920413a7f77fd48cedc7147b36fdcb5aa768a9e5f86746fbd4e3f7fcaaac30047ef73fd92028544624258b63a2c82afd068d74567ccd001abdec1edd101c857502216f2733940c5d3751cc860b8ad9a74d184fe040b2dfe297545&cri=VBakFiGawY&ts=445&cb=1734601113982 HTTP/1.1 Host: obseu.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Cookie: cg_uuid=521df612d80ae3351adac5ac1c950c6d Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK cache-control: no-cache, no-store, must-revalidate content-type: image/gif date: Thu, 19 Dec 2024 09:38:34 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT pragma: no-cache content-length: 43 X-Firefox-Spdy: h2`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.129	200 OK	174 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.129:443 ASN #15169 GOOGLE Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141 Certificate IssuerGoogle Trust Services Subject.googleusercontent.com Fingerprint38:49:64:1C:E7:DB:46:FE:EB:37:6F:02:8A:1F:A4:10:71:7B:92:A0 ValidityMon, 04 Nov 2024 08:38:44 GMT - Mon, 27 Jan 2025 08:38:43 GMT File type SVG Scalable Vector Graphics image Size 174 B (174 bytes) Hash 11b3089d616633ca6b73b57aa877eeb4 07632f63e06b30d9b63c97177d3a8122629bda9b 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://syndicatedsearch.goog/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 18 Dec 2024 23:11:31 GMT expires: Thu, 19 Dec 2024 22:11:31 GMT cache-control: public, max-age=82800 age: 37623 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	142.250.74.129	200 OK	270 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.74.129:443 ASN #15169 GOOGLE Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141 Certificate IssuerGoogle Trust Services Subject.googleusercontent.com Fingerprint38:49:64:1C:E7:DB:46:FE:EB:37:6F:02:8A:1F:A4:10:71:7B:92:A0 ValidityMon, 04 Nov 2024 08:38:44 GMT - Mon, 27 Jan 2025 08:38:43 GMT File type SVG Scalable Vector Graphics image Size 270 B (270 bytes) Hash 8959ddcd9712196961d93f58064ed655 62ab1e38e7e9fbf58a04381b76c2d96a9c829f24 17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://syndicatedsearch.goog/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 270 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 18 Dec 2024 20:25:19 GMT expires: Thu, 19 Dec 2024 19:25:19 GMT cache-control: public, max-age=82800 age: 47595 last-modified: Thu, 20 Jul 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	syndicatedsearch.goog/adsense/domains/caf.js	172.217.21.174	200 OK	65 kB
URL GET HTTP/3 syndicatedsearch.goog/adsense/domains/caf.js IP 172.217.21.174:443 ASN #15169 GOOGLE Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDMsYnVja2V0MDc3fHx8fHx8Njc2M2U5OTg1MzcyNHx8fDE3MzQ2MDExMTIuMzYzOXw5N2MxMTYxMTVhMTcwMWFhMjRiNjVkYzM5M2JmYzU4MzY0Y2RmMGFjfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1EUmZNM0JvfGQ4MmYzNjFmYmYxYTJjZGI5NWNmNzZkYzY3MzEwM2Q2M2VlZTU3YmR8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyZTA0OTIyM2ZjNGJjMDQ2Nzg0MTkyNDc4NjBmYWU4NGZjZDQ0YmYyfDB8ZHAtdGVhbWludGVybmV0MDRfM3BofDB8MHx8fHw%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=2091734601113516&num=0&output=afd_ads&domain_name=ww12.axg2ywjul.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1734601113518&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww12.axg2ywjul.xyz%2F%3Fusid%3D20%26utid%3D13658182141 Certificate IssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8 ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT File type gzip compressed data, max compression Size 65 kB (64961 bytes) Hash 289e4e36c5cf321f658ae55e124297fc 0ecad2398dc30bbc1c8e3cd2cfc131ac5036c5e5 d11532cccf3cc10209d59379244c8c3985186f01b0f5adfb671e8cbdd8bb652d HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: syndicatedsearch.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://syndicatedsearch.goog/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Thu, 19 Dec 2024 09:38:33 GMT expires: Thu, 19 Dec 2024 09:38:33 GMT cache-control: private, max-age=3600 etag: "3418246937568077699" x-content-type-options: nosniff link: <https://syndicatedsearch.goog>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	obseu.netgreencolumn.com/mon	54.75.69.192	200 OK	0 B
URL POST HTTP/2 obseu.netgreencolumn.com/mon IP 54.75.69.192:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerZeroSSL Subject.netgreencolumn.com FingerprintA9:B5:E3:B5:6F:A5:EB:77:45:F5:40:42:76:3A:DF:E2:AF:62:7C:1B ValidityTue, 17 Dec 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /mon HTTP/1.1 Host: obseu.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 2396 Origin: https://ww12.axg2ywjul.xyz DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Cookie: cg_uuid=521df612d80ae3351adac5ac1c950c6d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin: https://ww12.axg2ywjul.xyz content-type: application/json date: Thu, 19 Dec 2024 09:38:35 GMT content-length: 0 X-Firefox-Spdy: h2`

	syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=axtugcbykahv&aqid=meljZ_eIKYqvxdwPm7jQyAo&psid=7840396037&pbt=bs&adbx=375&adby=170.1999969482422&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=704712957&csala=5%7C0%7C355%7C81%7C84&lle=0&ifv=1&hpt=1	172.217.21.174	204 No Content	0 B
URL GET HTTP/3 syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=axtugcbykahv&aqid=meljZ_eIKYqvxdwPm7jQyAo&psid=7840396037&pbt=bs&adbx=375&adby=170.1999969482422&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=704712957&csala=5%7C0%7C355%7C81%7C84&lle=0&ifv=1&hpt=1 IP 172.217.21.174:443 ASN #15169 GOOGLE Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8 ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=axtugcbykahv&aqid=meljZ_eIKYqvxdwPm7jQyAo&psid=7840396037&pbt=bs&adbx=375&adby=170.1999969482422&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=704712957&csala=5%7C0%7C355%7C81%7C84&lle=0&ifv=1&hpt=1 HTTP/1.1 Host: syndicatedsearch.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-KTwaoxFpTD9LkV389kkF0g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Thu, 19 Dec 2024 09:38:35 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=3vzd7ygcr394&aqid=meljZ_eIKYqvxdwPm7jQyAo&psid=7840396037&pbt=bv&adbx=375&adby=170.1999969482422&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=704712957&csala=5%7C0%7C355%7C81%7C84&lle=0&ifv=1&hpt=1	172.217.21.174	204 No Content	0 B
URL GET HTTP/3 syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=3vzd7ygcr394&aqid=meljZ_eIKYqvxdwPm7jQyAo&psid=7840396037&pbt=bv&adbx=375&adby=170.1999969482422&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=704712957&csala=5%7C0%7C355%7C81%7C84&lle=0&ifv=1&hpt=1 IP 172.217.21.174:443 ASN #15169 GOOGLE Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerGoogle Trust Services Subjectsyndicatedsearch.goog Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8 ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=3vzd7ygcr394&aqid=meljZ_eIKYqvxdwPm7jQyAo&psid=7840396037&pbt=bv&adbx=375&adby=170.1999969482422&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=704712957&csala=5%7C0%7C355%7C81%7C84&lle=0&ifv=1&hpt=1 HTTP/1.1 Host: syndicatedsearch.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gs4TyxB9GoSJAHmQ0GG29Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Thu, 19 Dec 2024 09:38:35 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	obseu.netgreencolumn.com/mon	54.75.69.192	200 OK	0 B
URL POST HTTP/2 obseu.netgreencolumn.com/mon IP 54.75.69.192:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerZeroSSL Subject.netgreencolumn.com FingerprintA9:B5:E3:B5:6F:A5:EB:77:45:F5:40:42:76:3A:DF:E2:AF:62:7C:1B ValidityTue, 17 Dec 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /mon HTTP/1.1 Host: obseu.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1614 Origin: https://ww12.axg2ywjul.xyz DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Cookie: cg_uuid=521df612d80ae3351adac5ac1c950c6d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin: https://ww12.axg2ywjul.xyz content-type: application/json date: Thu, 19 Dec 2024 09:38:37 GMT content-length: 0 X-Firefox-Spdy: h2`

	obseu.netgreencolumn.com/mon	54.75.69.192	200 OK	0 B
URL POST HTTP/2 obseu.netgreencolumn.com/mon IP 54.75.69.192:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerZeroSSL Subject.netgreencolumn.com FingerprintA9:B5:E3:B5:6F:A5:EB:77:45:F5:40:42:76:3A:DF:E2:AF:62:7C:1B ValidityTue, 17 Dec 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /mon HTTP/1.1 Host: obseu.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1614 Origin: https://ww12.axg2ywjul.xyz DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Cookie: cg_uuid=521df612d80ae3351adac5ac1c950c6d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin: https://ww12.axg2ywjul.xyz content-type: application/json date: Thu, 19 Dec 2024 09:38:39 GMT content-length: 0 X-Firefox-Spdy: h2`

	obseu.netgreencolumn.com/mon	54.75.69.192	200 OK	0 B
URL POST HTTP/2 obseu.netgreencolumn.com/mon IP 54.75.69.192:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerZeroSSL Subject.netgreencolumn.com FingerprintA9:B5:E3:B5:6F:A5:EB:77:45:F5:40:42:76:3A:DF:E2:AF:62:7C:1B ValidityTue, 17 Dec 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /mon HTTP/1.1 Host: obseu.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1617 Origin: https://ww12.axg2ywjul.xyz DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Cookie: cg_uuid=521df612d80ae3351adac5ac1c950c6d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin: https://ww12.axg2ywjul.xyz content-type: application/json date: Thu, 19 Dec 2024 09:38:44 GMT content-length: 0 X-Firefox-Spdy: h2`

	obseu.netgreencolumn.com/mon	54.75.69.192	200 OK	0 B
URL POST HTTP/2 obseu.netgreencolumn.com/mon IP 54.75.69.192:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerZeroSSL Subject.netgreencolumn.com FingerprintA9:B5:E3:B5:6F:A5:EB:77:45:F5:40:42:76:3A:DF:E2:AF:62:7C:1B ValidityTue, 17 Dec 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /mon HTTP/1.1 Host: obseu.netgreencolumn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1617 Origin: https://ww12.axg2ywjul.xyz DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Cookie: cg_uuid=521df612d80ae3351adac5ac1c950c6d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin: https://ww12.axg2ywjul.xyz content-type: application/json date: Thu, 19 Dec 2024 09:38:49 GMT content-length: 0 X-Firefox-Spdy: h2`

	d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png	108.157.217.21	200 OK	11 kB
URL GET HTTP/2 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 108.157.217.21:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerAmazon Subject.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced Size 11 kB (11375 bytes) Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 HTTP Headers `GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/png content-length: 11375 server: nginx date: Wed, 18 Dec 2024 11:04:57 GMT last-modified: Thu, 21 Mar 2024 11:48:11 GMT accept-ranges: bytes etag: "65fc1e7b-2c6f" x-cache: Hit from cloudfront via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P1 x-amz-cf-id: 3W2KS7H2HSEMYBSvlQB0JkEufFQrHr8_f5xnJkNT84mRZfGpRN_6Tw== age: 81216 X-Firefox-Spdy: h2`

	ww12.axg2ywjul.xyz/track.php?domain=axg2ywjul.xyz&caf=1&toggle=answercheck&answer=yes&uid=MTczNDYwMTExMi4zNDE5Ojc2YTQ1YWI2MjNkYzJmNmRjYjI0MWQ2OTY5NTc3ZGY2MjhiNmZmN2EzMTVmZDhmYTA5OTYwNWUxMjY3OTk1ODg6Njc2M2U5OTg1Mzc3MQ%3D%3D	76.223.26.96	200 OK	0 B
URL GET HTTP/2 ww12.axg2ywjul.xyz/track.php?domain=axg2ywjul.xyz&caf=1&toggle=answercheck&answer=yes&uid=MTczNDYwMTExMi4zNDE5Ojc2YTQ1YWI2MjNkYzJmNmRjYjI0MWQ2OTY5NTc3ZGY2MjhiNmZmN2EzMTVmZDhmYTA5OTYwNWUxMjY3OTk1ODg6Njc2M2U5OTg1Mzc3MQ%3D%3D IP 76.223.26.96:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerLet's Encrypt Subjectww12.axg2ywjul.xyz Fingerprint32:38:50:C2:1E:75:09:D3:5A:FF:13:19:42:A0:38:4B:BB:24:3F:84 ValidityThu, 28 Nov 2024 07:47:16 GMT - Wed, 26 Feb 2025 07:47:15 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /track.php?domain=axg2ywjul.xyz&caf=1&toggle=answercheck&answer=yes&uid=MTczNDYwMTExMi4zNDE5Ojc2YTQ1YWI2MjNkYzJmNmRjYjI0MWQ2OTY5NTc3ZGY2MjhiNmZmN2EzMTVmZDhmYTA5OTYwNWUxMjY3OTk1ODg6Njc2M2U5OTg1Mzc3MQ%3D%3D HTTP/1.1 Host: ww12.axg2ywjul.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Cookie: _cq_duid=1.1734601113.xwkvNUMttOrgKKLT; _cq_suid=1.1734601113.nzflbs0anKwloQqR; _cq_pxg=3\|c396839026192194 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime: 30 access-control-allow-origin: * alt-svc: h3=":50944"; ma=2592000 content-encoding: gzip content-type: text/html; charset=UTF-8 date: Thu, 19 Dec 2024 09:38:34 GMT server: Caddy, nginx vary: Accept-Encoding x-custom-track: answercheck X-Firefox-Spdy: h2`

	ww12.axg2ywjul.xyz/?usid=20&utid=13658182141	76.223.26.96	200 OK	16 kB
URL User Request GET HTTP/2 ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 IP 76.223.26.96:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjectww12.axg2ywjul.xyz Fingerprint32:38:50:C2:1E:75:09:D3:5A:FF:13:19:42:A0:38:4B:BB:24:3F:84 ValidityThu, 28 Nov 2024 07:47:16 GMT - Wed, 26 Feb 2025 07:47:15 GMT File type HTML document, ASCII text, with very long lines (7910) Size 16 kB (15697 bytes) Hash 68ea9d35d3cbfa434eea3a08443d97f9 1419b7f5309c057c8e0f628a3f35800ac09b7d85 39abbbae121db3ea8babbcdc9405f214c49204589828bb1f81287279ec4adf7e HTTP Headers `GET /?usid=20&utid=13658182141 HTTP/1.1 Host: ww12.axg2ywjul.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime: 30 alt-svc: h3=":50944"; ma=2592000 content-encoding: gzip content-type: text/html; charset=UTF-8 date: Thu, 19 Dec 2024 09:38:32 GMT server: Caddy, nginx vary: Accept-Encoding x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hN3RBjJlDM74Id70F+/zhsO+4gbQ61JH3Eqdt3KY8tIOkgRNO+g73UFIjydiKAXh4HlQENKiX/BFv7Wy9v9omA== x-buckets: bucket003,bucket077 x-domain: axg2ywjul.xyz x-language: norwegian x-pcrew-blocked-reason: hosting network x-pcrew-ip-organization: Blix Solutions x-subdomain: ww12 x-template: tpl_CleanPeppermintBlack_twoclick X-Firefox-Spdy: h2

	parking3.parklogic.com/page/enhance.js?pcId=12&domain=axg2ywjul.xyz	170.187.143.93	200 OK	2.3 kB
URL GET HTTP/2 parking3.parklogic.com/page/enhance.js?pcId=12&domain=axg2ywjul.xyz IP 170.187.143.93:443 ASN #63949 Akamai Connected Cloud Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerSectigo Limited Subject.parklogic.com FingerprintA5:25:E3:1A:B4:C8:32:BD:0D:BA:C8:B4:19:22:F9:75:D4:D3:88:3F ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (2407), with no line terminators Size 2.3 kB (2337 bytes) Hash dcd4078026aa7516040e909928d67445 10c9f5d9417237e4008b40e6f3e0ca42fc25976f 8ddc7d5742502d9d6061bd2476f960990a211d62ebdaca3bf69ee1e27f900864 HTTP Headers `GET /page/enhance.js?pcId=12&domain=axg2ywjul.xyz HTTP/1.1 Host: parking3.parklogic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Thu, 19 Dec 2024 09:38:32 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * X-Firefox-Spdy: h2`

	ww12.axg2ywjul.xyz/ls.php?t=6763e998&token=2e049223fc4bc04678419247860fae84fcd44bf2	76.223.26.96	201 Created	16 B
URL GET HTTP/2 ww12.axg2ywjul.xyz/ls.php?t=6763e998&token=2e049223fc4bc04678419247860fae84fcd44bf2 IP 76.223.26.96:443 ASN #16509 AMAZON-02 Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerLet's Encrypt Subjectww12.axg2ywjul.xyz Fingerprint32:38:50:C2:1E:75:09:D3:5A:FF:13:19:42:A0:38:4B:BB:24:3F:84 ValidityThu, 28 Nov 2024 07:47:16 GMT - Wed, 26 Feb 2025 07:47:15 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 16 B (16 bytes) Hash dac3510b7572d5d0a91c5cabcfffb808 8f3fde801270c1046ce441e8a9df9a01d5142102 4f32d280a95889bb861167e00c1b95a773707eb98dfe2cc1736bf8884a2259f5 HTTP Headers `GET /ls.php?t=6763e998&token=2e049223fc4bc04678419247860fae84fcd44bf2 HTTP/1.1 Host: ww12.axg2ywjul.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 201 Created accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime: 30 access-control-allow-methods: POST, OPTIONS access-control-allow-origin: access-control-max-age: 86400 alt-svc: h3=":50944"; ma=2592000 charset: utf-8 content-type: text/javascript;charset=UTF-8 date: Thu, 19 Dec 2024 09:38:33 GMT server: Caddy, nginx x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ovkpL1J2MCq8YtmuQ+OLlJmrQhzQW69HszYWJs9S1z29zg4J20Khv6hvN4wAiVJ3s85nzW+0LbBA/uCJvQ6Jyw== x-log-success: 6763e9996974f0e482036067 X-Firefox-Spdy: h2

	www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true	142.250.74.100	200 OK	147 kB
URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by https://ww12.axg2ywjul.xyz/?usid=20&utid=13658182141 Certificate IssuerGoogle Trust Services Subjectwww.google.com FingerprintC1:EF:1D:9F:32:BB:31:2D:F3:08:D9:D6:97:9C:21:A1:A2:67:F9:C5 ValidityMon, 04 Nov 2024 08:39:37 GMT - Mon, 27 Jan 2025 08:39:36 GMT File type JavaScript source, ASCII text, with very long lines (1932) Size 147 kB (146827 bytes) Hash a6382fcb85727be00d4a36a4e4ad29eb 5e4ed17a42f9ff390c9e9bd70332ec8736d0c848 c2d3bbd3a63731a11fce565c3eccade1d7527bb29391102b7742daa71ce86009 HTTP Headers `GET /adsense/domains/caf.js?abp=1&adsdeli=true HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.axg2ywjul.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Thu, 19 Dec 2024 09:38:33 GMT expires: Thu, 19 Dec 2024 09:38:33 GMT cache-control: private, max-age=3600 etag: "16031625567588832472" x-content-type-options: nosniff link: <https://syndicatedsearch.goog>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML