Report - fwiwk.biz/ykg

Report Overview

Submitted URL
fwiwk.biz/ykg
IP
199.59.243.223
ASN
#16509 AMAZON-02
Submitted
2023-06-03 15:58:08
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2023-06-02	1.8 kB	59 kB	142.250.74.164
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2023-06-02	981 B	2.1 kB	142.250.74.97
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-02	330 B	964 B	104.18.15.101
parking3.parklogic.com	unknown	2007-02-28	2023-05-10	2023-06-02	884 B	50 kB	45.79.244.209
fwiwk.biz	unknown	2022-04-29	2022-04-29	2023-05-29	2.1 kB	4.0 kB	199.59.243.223
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-02	1.7 kB	3.5 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-03 15:57:48	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-06-03 15:57:48	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator
2023-06-03	medium	fwiwk.biz
2023-06-03	medium	fwiwk.biz
2023-06-03	medium	fwiwk.biz
2023-06-03	medium	fwiwk.biz

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-03	medium	fwiwk.biz
2023-06-03	medium	fwiwk.biz
2023-06-03	medium	fwiwk.biz
2023-06-03	medium	fwiwk.biz

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.google.com/adsense/domains/caf.js	148 kB	2023-06-02	2023-06-07
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 09:18:20 Last Seen2023-06-07 04:52:28 Times Seen49 Hash 1c27ce1f5c707f9c1874da976a1fee1f dd36027f8f050f43c301a8ea97fee32158b0e956 04d94dde3bd504446c50507a3a6a0f4e0336fe883f6bb13628b9eb54a6e7beb2 Loading...

	www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol315%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol463&client=dp-bodis30_3ph&r=m&hl=en&rpbu=https%3A%2F%2Ffwiwk.biz%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301100%2C17301182%2C17301185&format=r3&nocache=8751685807870197&num=0&output=afd_ads&domain_name=fwiwk.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685807870199&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=271&frm=0&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=https%3A%2F%2Ffwiwk.biz%2Fykg&adbw=master-1%3A1264	6.2 kB	2023-06-03	2023-06-03
Pretty URL www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol315%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol463&client=dp-bodis30_3ph&r=m&hl=en&rpbu=https%3A%2F%2Ffwiwk.biz%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301100%2C17301182%2C17301185&format=r3&nocache=8751685807870197&num=0&output=afd_ads&domain_name=fwiwk.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685807870199&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=271&frm=0&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=https%3A%2F%2Ffwiwk.biz%2Fykg&adbw=master-1%3A1264 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 17:58:08 Last Seen2023-06-03 17:58:08 Times Seen1 Hash c50786ea336b7abc679f78661678425a 75d3416ba3544e57349a8a0e90fb9515584668bc 49323f46be57e2df46536824f79de6cd3ef38b7681d645abcd9d3b975a54baca Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-06-01	2023-06-07
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 20:59:00 Last Seen2023-06-07 14:48:02 Times Seen373 Hash ad339a3899f3639c08af311536e1338b c93f98908ab15448437fd453d993135c0723dfd8 ea9f3cca9585ab7907db23208c0955ba9b3a787a5baef2898a3873564ae4fb14 Loading...

	parking3.parklogic.com/page/enhance.js?pcId=7&pId=1129&domain=Fwiwk.biz	989 B	2023-05-18	2023-06-08
Pretty URL parking3.parklogic.com/page/enhance.js?pcId=7&pId=1129&domain=Fwiwk.biz IP 45.79.244.209 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 01:16:22 Last Seen2023-06-08 20:02:33 Times Seen26 Hash b2c9eae935227c85c37d7f21d347d09a 44b73bb3b5e96bd0307bcc6fd2726b663ce71f3e f48fbc9ee31bb9c4877768ad0a4992a60df42720886385e21fcdc14b8d15ab47 Loading...

	fwiwk.biz/ykg	291 B	2023-06-03	2023-06-03
Pretty URL fwiwk.biz/ykg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 17:58:08 Last Seen2023-06-03 17:58:08 Times Seen1 Hash 7e36c8e135ee91a95394711bdd43e8ff 1ca2cf281bc1607aab52552861f6a4048d2b3ac6 a34d94a56614f0eefb9e9d0d9c8e177bfd2d9069771b8fd9a0b105daf8a4e634 Loading...

	fwiwk.biz/js/parking.2.105.5.js	67 kB	2023-06-01	2023-06-28
Pretty URL fwiwk.biz/js/parking.2.105.5.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 19:07:09 Last Seen2023-06-28 15:56:05 Times Seen4630 Hash 3e1864d0725b87f7aa6af91212e93ede 07ba27733921329fe0dbad86419fdaf08ff23573 4c0831bbff079ac28d7851a6e15469845cb70f8f7de0005adcac65c5922205e5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 340dfa29ee1bbfb063a9f14778432402	362 B	2023-05-13	2024-03-27
Pretty Observations First Seen2023-05-13 03:23:16 Last Seen2024-03-27 05:02:01 Times Seen1529 Hash 340dfa29ee1bbfb063a9f14778432402 653a15a286fd1d4c1ba7f97b3aaf347b84f89d28 9769bb66909b580b9ae5f6b8f5a89e9644d5154ccaab7856dfb9847849ab76c3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 295f75efd84004ac584db2a81ca50a04	179 B	2023-05-14	2023-07-22
Pretty Observations First Seen2023-05-14 06:17:14 Last Seen2023-07-22 17:07:49 Times Seen36 Hash 295f75efd84004ac584db2a81ca50a04 ef45a2b4767eacaffceda1f5964bd56ca524be75 4db9c7fdfb6af624d6414a806c16adf0a149859fcb3d39c1970670b875821048 Loading...

HTTP Transactions (17)

URL IP Response Size

fwiwk.biz/px.gif?ch=1&rn=5.840998636500852

199.59.243.223

42 B

URL
fwiwk.biz/px.gif?ch=1&rn=5.840998636500852
IP
199.59.243.223:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /px.gif?ch=1&rn=5.840998636500852 HTTP/1.1
Host: fwiwk.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwiwk.biz/ykg
Cookie: parking_session=2e0d60b4-2e7a-47a9-42fc-f698fd20736e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 03 Jun 2023 15:57:50 GMT
content-type: image/gif
content-length: 42
last-modified: Wed, 15 Sep 2021 19:38:30 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

fwiwk.biz/px.gif?ch=2&rn=5.840998636500852

199.59.243.223

42 B

URL
fwiwk.biz/px.gif?ch=2&rn=5.840998636500852
IP
199.59.243.223:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /px.gif?ch=2&rn=5.840998636500852 HTTP/1.1
Host: fwiwk.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwiwk.biz/ykg
Cookie: parking_session=2e0d60b4-2e7a-47a9-42fc-f698fd20736e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 03 Jun 2023 15:57:50 GMT
content-type: image/gif
content-length: 42
last-modified: Wed, 15 Sep 2021 19:38:30 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
89cf78789180bd118e9b97dad5ed4053
820d2363f5e826f226de0eb9ad170cb135e1b1fd
3effb60c74b1b0e55a5bddd1aa2d3daae71e18e14f273e38cc57db481cc7d04c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fwiwk.biz/_fd

199.59.243.223

2.4 kB

URL
fwiwk.biz/_fd
IP
199.59.243.223:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4629), with no line terminators
Size
2.4 kB (2359 bytes)
Hash
d2c4989680cb3c4c00082d01313cc375
a9ffe5f7f91e34c83035359b6348a57378a31bf7
79f66a0baf5133e9d301b0fbc55864e76b70142b0164a625b85c28bbc3025862

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

POST /_fd HTTP/1.1
Host: fwiwk.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fwiwk.biz/ykg
Content-Type: application/json
Origin: https://fwiwk.biz
DNT: 1
Connection: keep-alive
Cookie: parking_session=2e0d60b4-2e7a-47a9-42fc-f698fd20736e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: openresty
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 15:57:50 GMT
x-version: 2.105.5
set-cookie: parking_session=2e0d60b4-2e7a-47a9-42fc-f698fd20736e; expires=Sat, 03-Jun-2023 16:12:50 GMT; Max-Age=900; path=/; httponly
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
37666b9ccb9ec1632df818aa5b9c30ce
73a1cc9b50fa59f3262e6b0577d70514ae639adf
d62cc75cd09bd1a62debedc6273aec0e8206c45fc993553253627a3464f46d57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

56 kB

URL GET HTTP/3
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol315%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol463&client=dp-bodis30_3ph&r=m&hl=en&rpbu=https%3A%2F%2Ffwiwk.biz%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301100%2C17301182%2C17301185&format=r3&nocache=8751685807870197&num=0&output=afd_ads&domain_name=fwiwk.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685807870199&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=271&frm=0&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=https%3A%2F%2Ffwiwk.biz%2Fykg&adbw=master-1%3A1264
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
gzip compressed data, max compression\012- data
Size
56 kB (56071 bytes)
Hash
39333a7c05b2fc149480c09137755485
1f0a2f55e6bfc62e91a215e504aa70d0e56194af
eea245fc38f675ef5217f4afce9818dfac7f636b3f7483597d9699a109261699

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwiwk.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 03 Jun 2023 15:57:50 GMT
expires: Sat, 03 Jun 2023 15:57:50 GMT
cache-control: private, max-age=3600
etag: "10554597642915104364"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6c586b727959dc365a7d70c617fcbe05
8b4f5b5854b15ecbc1d1d8dc0579b7fbb19e0bf8
90aca14ebb20794c4e8f18f48e58c6c17b9795fbca4c18b65fad31616178bf4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

142.250.74.97

174 B

URL
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
d47125b2ba92be53dcff07ba322ce1de
e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 01:02:57 GMT
expires: Sun, 04 Jun 2023 00:02:57 GMT
cache-control: public, max-age=82800
age: 53694
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6c586b727959dc365a7d70c617fcbe05
8b4f5b5854b15ecbc1d1d8dc0579b7fbb19e0bf8
90aca14ebb20794c4e8f18f48e58c6c17b9795fbca4c18b65fad31616178bf4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

142.250.74.97

278 B

URL
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Size
278 B (278 bytes)
Hash
fe7dd8c3c629cc6e9cd6d3e4d3cbe905
59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 22:32:04 GMT
expires: Sat, 03 Jun 2023 21:32:04 GMT
cache-control: public, max-age=82800
age: 62747
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6c586b727959dc365a7d70c617fcbe05
8b4f5b5854b15ecbc1d1d8dc0579b7fbb19e0bf8
90aca14ebb20794c4e8f18f48e58c6c17b9795fbca4c18b65fad31616178bf4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
bbdc54c3c59762b7010fc2e8437bc1ca
d9925ff758a28b2d6a245121b8425dd6b99c3188
f456b1db7483e9f0d4330b30f600b3cc8523ca07631b9fd25e1bfebbf0840fbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 15:57:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Jun 2023 02:37:00 GMT
Expires: Fri, 09 Jun 2023 02:36:59 GMT
Etag: "d9925ff758a28b2d6a245121b8425dd6b99c3188"
Cache-Control: max-age=471322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d19225d0f09b4ed-OSL

parking3.parklogic.com/page/enhance.js?pcId=7&pId=1129&domain=Fwiwk.biz

45.79.244.209

989 B

URL
parking3.parklogic.com/page/enhance.js?pcId=7&pId=1129&domain=Fwiwk.biz
IP
45.79.244.209:0
ASN
#63949 Linode, LLC

File type
HTML document, ASCII text, with very long lines (718)
Size
989 B (989 bytes)
Hash
b2c9eae935227c85c37d7f21d347d09a
44b73bb3b5e96bd0307bcc6fd2726b663ce71f3e
f48fbc9ee31bb9c4877768ad0a4992a60df42720886385e21fcdc14b8d15ab47

HTTP Headers

GET /page/enhance.js?pcId=7&pId=1129&domain=Fwiwk.biz HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwiwk.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Sat, 03 Jun 2023 15:57:51 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
x-powered-by: PHP/5.5.38
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8
connection: close

parking3.parklogic.com/page/images/pe262/hero_nc.svg

45.79.244.209

200 OK

48 kB

URL GET HTTP/1.1
parking3.parklogic.com/page/images/pe262/hero_nc.svg
IP
45.79.244.209:443
ASN
#63949 Linode, LLC

Requested by
https://fwiwk.biz/ykg
Certificate
IssuerSectigo Limited
Subject*.parklogic.com
FingerprintD2:96:70:5E:83:A7:30:EF:05:87:20:AD:05:88:37:B5:E5:2E:0B:2F
ValidityMon, 19 Dec 2022 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1738)
Size
48 kB (48097 bytes)
Hash
5a2c392e7acdf6e9de6e00129500503c
c8d0f80381e4ce180b5eb3c4c98539907292a7bb
878da09a057ec8f1775cdc522e5f7ec44966df547a87a9c29826ba114833c24b

HTTP Headers

GET /page/images/pe262/hero_nc.svg HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwiwk.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Sat, 03 Jun 2023 15:57:51 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
last-modified: Mon, 08 Mar 2021 23:04:00 GMT
etag: "bbe1-5bd0e72fe1800"
accept-ranges: bytes
content-length: 48097
content-type: image/svg+xml
connection: close

www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=i4l8wfryqlwq&aqid=_mJ7ZMLQKpSsywWw3IKoDQ&psid=3113057640&pbt=bs&adbx=290&adby=323&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=536423577&csala=10%7C0%7C279%7C66%7C246&lle=0&ifv=1&usr=1

142.250.74.164

0 B

URL
www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=i4l8wfryqlwq&aqid=_mJ7ZMLQKpSsywWw3IKoDQ&psid=3113057640&pbt=bs&adbx=290&adby=323&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=536423577&csala=10%7C0%7C279%7C66%7C246&lle=0&ifv=1&usr=1
IP
142.250.74.164:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=i4l8wfryqlwq&aqid=_mJ7ZMLQKpSsywWw3IKoDQ&psid=3113057640&pbt=bs&adbx=290&adby=323&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=536423577&csala=10%7C0%7C279%7C66%7C246&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwiwk.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zmBS7oVYFQrp1EaNIMS5IA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 03 Jun 2023 15:57:52 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=av2VWTYCkIWrGYpdafvgx4YEIOGaZ6K0_sVo7tKYJkkIBF-29ryNvsxX8PHXgXBC2TnTNscIhcZjsj4Sh7N1tyu6wWK-zZOOPnokRvaM0OafynICgL_AiQnq9ZrgRsuVAyIzDWz09atlU5xVpwnc7RRAp-3pBoCtQ4K3LABqye4; expires=Sun, 03-Dec-2023 15:57:52 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+292; expires=Mon, 02-Jun-2025 15:57:52 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=ekdsxxkyv26&aqid=_mJ7ZMLQKpSsywWw3IKoDQ&psid=3113057640&pbt=bv&adbx=290&adby=323&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=536423577&csala=10%7C0%7C279%7C66%7C246&lle=0&ifv=1&usr=1

142.250.74.164

0 B

URL
www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=ekdsxxkyv26&aqid=_mJ7ZMLQKpSsywWw3IKoDQ&psid=3113057640&pbt=bv&adbx=290&adby=323&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=536423577&csala=10%7C0%7C279%7C66%7C246&lle=0&ifv=1&usr=1
IP
142.250.74.164:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=ekdsxxkyv26&aqid=_mJ7ZMLQKpSsywWw3IKoDQ&psid=3113057640&pbt=bv&adbx=290&adby=323&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=536423577&csala=10%7C0%7C279%7C66%7C246&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fwiwk.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ganxhkE9pK__1eVeEumcyQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 03 Jun 2023 15:57:53 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=mnRns8khX_tRLdfq-G8KqriTD_RbKOutH7mfVKVWdI7NVGWMtiJ9wQ7VRfcwecvlumAXVT5b7eba8InwvTlC7kjGMpIiZuv9Xz27Q3jdktxVO0m13y3-P5RGCicanK_KU_IyUnh1AsxY7jtkJyfn4CWeppabMogFSCjj0XOb5CE; expires=Sun, 03-Dec-2023 15:57:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+967; expires=Mon, 02-Jun-2025 15:57:53 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fwiwk.biz/_tr

199.59.243.223

200 OK

2 B

URL POST HTTP/2
fwiwk.biz/_tr
IP
199.59.243.223:443
ASN
#16509 AMAZON-02

Requested by
https://fwiwk.biz/ykg
Certificate
IssuerLet's Encrypt
Subjectfwiwk.biz
Fingerprint1C:A2:51:CB:6F:FA:64:07:B8:8B:A1:FF:48:28:BA:08:0B:FC:2E:36
ValidityThu, 11 May 2023 16:55:20 GMT - Wed, 09 Aug 2023 16:55:19 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

POST /_tr HTTP/1.1
Host: fwiwk.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fwiwk.biz/ykg
Content-Type: application/json
Content-Length: 1549
Origin: https://fwiwk.biz
DNT: 1
Connection: keep-alive
Cookie: parking_session=2e0d60b4-2e7a-47a9-42fc-f698fd20736e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 15:57:51 GMT
x-version: 2.105.5
set-cookie: parking_session=2e0d60b4-2e7a-47a9-42fc-f698fd20736e; expires=Sat, 03-Jun-2023 16:12:51 GMT; Max-Age=900; path=/; httponly
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (17)

URL

IP

ASN

File type

Size

Hash

Detections