{"report_id":"a16a3b0a-1a52-484b-a8a3-80cfa83ed13b","version":6,"status":"done","tags":[],"date":"2025-12-21T21:02:28Z","url":{"schema":"http","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":0,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"title":"mous.xyz","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":0,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-25T21:02:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"tq2tmylv9quqkoe"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"ww38.mous.xyz","ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"domain_registered":"2024-10-02","domain_rank":0,"first_seen":"2025-12-21T21:01:54.750057Z","last_seen":"2025-12-21T21:01:54.750057Z","alert_count":10,"request_count":5,"received_data":20625,"sent_data":3070,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}]},{"fqdn":"d38psrni17bvxu.cloudfront.net","ip":{"addr":"18.239.102.108","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2022-09-22T18:48:38Z","last_seen":"2025-12-17T04:14:31.673132Z","alert_count":0,"request_count":1,"received_data":11835,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-12-14T22:21:29.619834Z","alert_count":0,"request_count":1,"received_data":134744,"sent_data":442,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":65181,"first_seen":"2013-05-06T19:11:00Z","last_seen":"2025-12-14T22:36:21.107248Z","alert_count":0,"request_count":2,"received_data":2236,"sent_data":1005,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep1.adtrafficquality.google","ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3093,"first_seen":"2024-07-24T04:17:49Z","last_seen":"2025-12-14T22:44:27.710821Z","alert_count":0,"request_count":1,"received_data":11442,"sent_data":527,"comment":"","tags":null,"fingerprints":null},{"fqdn":"obseu.youstarsbuilding.com","ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2022-08-01","domain_rank":1721811,"first_seen":"2023-11-07T16:47:12Z","last_seen":"2025-12-19T14:59:53.663758Z","alert_count":0,"request_count":7,"received_data":5525,"sent_data":9906,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep2.adtrafficquality.google","ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3229,"first_seen":"2024-08-13T12:56:28Z","last_seen":"2025-12-15T00:14:30.531009Z","alert_count":0,"request_count":2,"received_data":34546,"sent_data":984,"comment":"","tags":null,"fingerprints":null},{"fqdn":"euob.youstarsbuilding.com","ip":{"addr":"65.9.46.116","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2022-08-01","domain_rank":2095641,"first_seen":"2023-10-25T16:14:24Z","last_seen":"2025-12-19T14:59:53.810804Z","alert_count":0,"request_count":1,"received_data":120394,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":5365,"first_seen":"2023-09-25T09:30:59Z","last_seen":"2025-12-14T22:30:59.059099Z","alert_count":0,"request_count":4,"received_data":153346,"sent_data":3862,"comment":"","tags":null,"fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"c77554570ae0fa8e4fb31747dc213058","sha1":"e989fbde07e6a68975c7a31e1d4df76afd90b96f","sha256":"c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77","sha512":"130189a67dea3f0d7ba0591ffbff46f37993ae8b07409e84dfb571f6d31f1b20f97cf76b7cd0751450eec5f294906f95fd35f3dfa37d58bc80433f4c9b4064a9","ssdeep":"","tlshash":"171148b58c9b942f6b37592fa69a72816c41a1179c013a18b14cc7302fdc71d6470bf6","size":968,"data":"","first_seen":"2023-03-08T02:24:08Z","last_seen":"2026-01-15T16:13:58.011798Z","times_seen":181951,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"e5d8c139688b25ef77b263d88ea99150","sha1":"7abc9c61c4966543f66d150c0155bfac575f86a7","sha256":"53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148","sha512":"1cd4eb192d987ea1b21f3b553eea3881c807f8bf4a5299982675d57314a0eaa084db1722c38d02eb73178660ecb1ca3667a795a512527f843f2526dc0a99dc20","ssdeep":"","tlshash":"7440000000003000033c0000000000c0000c00000000000000000c00030000000c0000","size":7,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-03T22:31:06.789202Z","times_seen":331493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026adsdeli=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"226d8b922a47d1d01896328ac5f29080","sha1":"228b48495e20d50326164178f4e05c1df4c8e630","sha256":"f95fea007424808c54a06a6bd7a7e0297f46d00d9bdf134afa78245f7e3903fc","sha512":"da97c330d247dab15073920cde860a1491c147eb2ce02a1e917a6ffc6e7b5bbab681395d3a3e394685091a2956ca62a15b2704d32cc5a1d0caae25036c86149c","ssdeep":"1536:MzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:XuydkXiR5zzTq+bxpD3ZV4T","tlshash":"9bd33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","size":134027,"data":"","first_seen":"2025-12-11T16:42:36.25698Z","last_seen":"2026-01-07T19:22:29.46074Z","times_seen":14588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cb2ae5fef74172bd46fac2076465814","sha1":"8a69280b6ae834ae875865e26a83c782c303f509","sha256":"2b0280579e3a031edcdd4a833827f74797b72ada721b69f148823c048cc3ad56","sha512":"bcbb70e3f933a33bb19e773efe9d4cd7c32e61aafdbc119ae2728c7d8206fe4e420e1d9687cfb9148824d8a3f1f7e79c8a8e17c71dd512b4a6a7d387f296e509","ssdeep":"1536:/zL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:SuydkXiR5zzTq+bxpD3ZV4T","tlshash":"a2d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","size":134034,"data":"","first_seen":"2025-12-11T16:43:36.5228Z","last_seen":"2026-01-07T19:29:49.170183Z","times_seen":11621,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b71ce8b23e99a5181aaa53a1b292fdf4","sha1":"0349d099a912c7e3a478bbbfb920aa41c76d5a14","sha256":"c543f776a841573bc24e32665a235767922a0121e3eec616c08630e0e54d36ec","sha512":"8381c5ffeece6ef7f1dbc74fd8a698d4f23c5a5540dbe85b3a1e3dadcf3537c1f22b1daca3f8012986315571ccdd62fb7dff1ae943be4122109a62961aa38e87","ssdeep":"192:+kKea8/OkXKP88h9CV2V/Hi3DVcqTrIZ9eKD5edIyDJTkea8/2tjea8/23pig:Aj0KEM9A2V/HeDVcqTEZ9eKD5qb9Tkjl","tlshash":"1b12e7e269c359335ddf610edab7951df4aee66b983a64327026c3502381a0ec1317fe","size":9309,"data":"","first_seen":"2025-12-21T21:02:30.541431Z","last_seen":"2025-12-21T21:02:30.541431Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-04-03T22:31:06.788599Z","times_seen":352022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"21edc4e66aa6a54a9aa20d01ff601593","sha1":"e830064164a70ef47743328223ab4ee927bf4336","sha256":"340726d3508df346319d9b548a928cd14735e4de03ca8ccee22962c08c99a21d","sha512":"031de881e6fbe77d22c091953a882470eebefb2ea2f872f42c2afd156aa098c6d8254df5d0515eb6cf32489605fbef72450b676fb59e379892ae02b2534f3a5d","ssdeep":"","tlshash":"e321f09a08f240165bb720ed4f0b8449b531585f71c9db06be0c16903f64e66e6babd9","size":1258,"data":"","first_seen":"2025-12-21T21:02:30.543449Z","last_seen":"2025-12-21T21:02:30.543449Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"65c8369b3607f59089ddd9f23b11f98c","sha1":"5a305680d67d825d8186fe1a52cb65e530301204","sha256":"e2508bc8b6eda959a5e887150cd18744f2aacb6eb98042b690f26443fc5b6d15","sha512":"7ce30bc944e8afd9c817174107ac9345a01537d5c76144f50040acc7d65a47d68276f7e9afe458e478cd1d088d19f0713c5d0f8196c04eb475cfbf82b4e0421b","ssdeep":"","tlshash":"c69004501411035735471404dc0d10c5cc14d1571350413d0353cc740141435fc01405","size":40,"data":"","first_seen":"2025-02-04T20:34:58.349606Z","last_seen":"2026-01-15T16:13:58.019084Z","times_seen":146939,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"18f2edc58d8a7b9e6b82454e8658c157","sha1":"e5dfdd0fa61b3a5ef68dab382a0ba93e9e7b67fb","sha256":"2d9b07a0704d92dda4deae88bc582aeb659923c8d44d0e7362e13cb28d88d250","sha512":"21505594429d2550843f79a1b5aa1555f5f9cac9ae8c281ab5cf48bb5831e39075e826ce61837ad3d6a7ad9a1fb227963eae6e2186b388c9af611e35a0f46f92","ssdeep":"","tlshash":"88f0659805f622d326aa60584df6eb0375a09023a20555c4fa7ca3119f5bc5702ddb8a","size":483,"data":"","first_seen":"2024-01-04T10:26:15Z","last_seen":"2026-01-15T16:13:58.022487Z","times_seen":185093,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"6559111e4eae643ce013ce0821e91a02","sha1":"fa1086c9aa2cb2d14f5c13bceefe21511bcdae5a","sha256":"d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400","sha512":"a6e3e096076dc152b69e95709dad8925c9c2799c23ad226b9ce7b6ee78936bea7300b66c92821ea0728ce7433d4f53787f27f5e7101f97e4d882be0a461fc051","ssdeep":"","tlshash":"407000000380020020c80233a200882af228003c00030200c008888800a808002080c2","size":25,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-03T22:31:06.785717Z","times_seen":331393,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","size":19990,"data":"","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"euob.youstarsbuilding.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js","fqdn":"euob.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"65.9.46.116","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8029362628da964c8180dcd7ce5dee64","sha1":"c106143b645314d2ac38480568d6396f921aabcb","sha256":"4413059d59ca7cca178af3bbbc46eefc5a1e9f6f79fb54d475c308be87309d60","sha512":"215441c90181b9f91c827e1ce2c6eba4fbca697e409e9c0333a97ddca78a309e5eec907c8b357a7b6e0d7611a4b55dc55c8d9e5a4390ddc1edb0bd6de9ce0b02","ssdeep":"1536:Qu5y/b5E0bwM7sIo8L0SUs8LonlEzsjxM96nhXxwcTkYtsdlBnFIUtY0PVEWm/5c:QuQb7O8hzjnhGdhtNP8/kLP/VVZF","tlshash":"3cc3d79db2e27025439334a5157f410ae27b5e503c4b8294d27ee9d4ac7ce8e817bfac","size":119868,"data":"","first_seen":"2025-11-17T13:15:00.257414Z","last_seen":"2026-01-07T13:44:42.282578Z","times_seen":17041,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"889ca9e2c79a3ce7aaadbcdfd0ce4ef5","sha1":"b05c2c051bae71f80cb8c289e5a42d4f96d323fa","sha256":"6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8","sha512":"122a494d50a5e8077cdda40e8d6edb442bb9d89fff078852aad7f84fe24f1c58fe693f0388ca6c9453d1b33036da0b9c4e9fb394a18268e254d306ffc2ca57a3","ssdeep":"","tlshash":"46a002d4b4ed8125564583390104d91cf936c934c0d5701873f0466ca6e700a53610b2","size":62,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-04-03T22:31:06.789908Z","times_seen":331439,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=7%2FgR8W1BTZ6z7tdUFVg5mw%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011%2Cbucket077\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww38.mous.xyz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.d1rdkcCeoY4meTYqwYzO_3p8nNKSkKYHlmNJNc9KJU-jdpJmONBjrg.SD6kDIKQtOdOtdfUiOWOXA.UaFAOM9herv75MDv6-5_g4LlvJYvJ1PKSBX2oW8xVn-0mHUoB7WaB0sbZO0N7cJ1b8SkgVYl80CTTC6ZDlsAQXWZ-GfRFAqvrJ-L3VcFZyWcPYlisuBh59Zooq3KMZfRQmVckYryGNYpTK4JNDvI0-PAm44-Wn0gnq45bKYZm60v2ei1j_P7a88wyaWOrt6lsY8fTwQfapRF9oT20B_dRSOjW2q5PkNNUxleU4lqwgrrc9hVaPrHsqVdPoBsJbB2QksDjqKcBUb3TKjJ08dpWLSRxKbXhHR2kZWSZE6wnMNIzpffVcIsemWXGFPQ3dOo1HcwoKFplXEGaW9RL1JX-qZ5xlHR6BtnCH24s8J12rseyZ4tIHIog8AZievjA_kWI0fL3bieXHKZ0xAjRBpZEd4He4GBtBvHgz7zonZweis2TklC_LuxGDF-S_3oognKEi-fCedHdYhNBSLwETd5xiVn_VVTEicSQCCcnj8zGkP1I-y95Kz8TrkNusMBSD_SwvV-DQHJTVhnzDafU759t8nBxDnfZ_t48jQMSaaNQG4cnmkjDL1pwHCfJ9wDLfc8krgSCrAo2lynY0Xiqoxf1DnGSYdw1xFSDKULL2GkPsomHNmlwDp5KME4bxad_zO-.9Q2i8MbLZ3lvm8R_lvRWpQ\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=5031766350926416\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.mous.xyz\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1766350926417\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d7754caf6089edf7f15b9e46680a6257","sha1":"75e641fd3189eba3150776faf7fc3ee091941d26","sha256":"86aadc46a157b60356aa0999f8584c305ed70c3b6ba7ff94c3eadf39c5b4f279","sha512":"9374121a24f50a0d0cc4ba128c6854e4f16311e08b114c117742806d4ec7cdd833e7f4d5cce82db32381c2f862bfe00b6f9a8ef76fa4426bc1f19cc04d843fef","ssdeep":"","tlshash":"c6012f420c2a4332c1735465191f3f802859083212cbb980946ea28f20f8fede43c1eb","size":842,"data":"","first_seen":"2025-12-21T21:02:30.547023Z","last_seen":"2025-12-21T21:02:30.547023Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1b334e0123cf0cb113092022fb726782","sha1":"45abb42a6680499daa10d83d2859329de1843de2","sha256":"42591f96b9a41a7e2e5ecd0240dd7fecdcf03ef8454b57c68f08697474a4b579","sha512":"867e061d0f593815a87259d55d960e2000b776954b080157deabbf46850d7530b770d3d31abf6b901aee50bed5fa395be2ce4a6a075b703d07ff7c7c7b7d5cf6","ssdeep":"","tlshash":"6290040115134057505d05134375c101d5504c3f5005d531751c07435f1045f170075c","size":50,"data":"","first_seen":"2024-01-04T10:26:15Z","last_seen":"2026-01-15T16:13:58.023216Z","times_seen":184974,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/ct?id=80705\u0026url=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F\u0026sf=0\u0026tpi=\u0026ch=AdsDeli%20-%20domain%20-%20landingpage\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tsf=0\u0026tsfmi=\u0026tsfu=\u0026cb=1766350926410\u0026hl=2\u0026op=0\u0026ag=2881387774\u0026rand=640212619251821958028782659010020289272118212821160127962696096121791058655260469075051181\u0026fs=1280x1024\u0026fst=1280x1024\u0026np=win32\u0026nv=\u0026ref=\u0026ss=1280x1024\u0026nc=0\u0026at=\u0026di=W1siZWYiLDQxNDddLFsiYWJuY2giLDZdLFstMzEsImZhbHNlIl0sWy0zOCwiaSwtMSwtMSwxMSwwLDAsMCwwLDEyMCw2MiwtMSwwLCwzNjEsMzk5LDM5OCJdLFstNSwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwiMVwiIl0sWy0xNywiMzIiXSxbLTQwLCIzNyJdLFstNDQsIjAsNSwwLDUiXSxbLTE1LCItIl0sWy0yMSwiLSJdLFstMjQsIltdIl0sWy0zMiwiMCJdLFstMzUsIlsxNzY2MzUwOTI2MjU0LDBdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2VdIl0sWy02MCwiLSJdLFstNjYsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTI2LCItIl0sWy00OSwiLSJdLFstNTksIi0iXSxbLTY1LCItIl0sWy03MCwiLSJdLFstNCwiLSJdLFstNywiLSJdLFstMTAsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTU1LCIwIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNzQsIi0iXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcIm1lc2FcIixcInJcIjpcImxsdm1waXBlXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjBcIixcImd2ZW5cIjpcIm1vemlsbGFcIixcImJlblwiOjI0LFwid2dsXCI6MSxcImdyZW5cIjpcImxsdm1waXBlXCIsXCJzZWZcIjo0OTQxOTUwNDMsXCJzZWNcIjpcIlwifSJdLFstMiwiMyxJc045bkduV2JBWUFJeE5mUWFPcUdFMENGQVFzY0cwMEluaE9iWUJBS1lVT3pRTzZFWDAyMEltR0xjdTYydXJkUC9jMmQycE5tVlpBd2YzLy84ejc5R3JIYTFXdTNPbVhQUHZlIl0sWy0xNCwiLSJdLFstMjAsIi0iXSxbLTI1LCItIl0sWy0yNywiLSJdLFstMjksIi0iXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTUyLCItIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCwxMDI0LDAsMCwwLDAsXCItXCIsXCItXCIsMTI4MCwxMDI0LG51bGxdIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstNDEsIi0iXSxbLTcyLCJFeFU9Il0sWy03MywiRWhRPSJdLFstMjMsIisiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIlMzbFJUVTFKU2dNV0ZseE1WbHNYUUZaTVNrMVlTMHBiVEZCVlhWQlhYaGRhVmxRV1NrRkpGbEFXQ3dzTlh3RU1DZ2tMV0ZnTFd3OWNXZ29KV0ZoYUFGZ0JERjFZQzFwYlh3QVhVMG9EQ0FNQkR3c0tDaFVPQ0FBV1RSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWmNURlpiRjBCV1RFcE5XRXRLVzB4UVZWMVFWMTRYV2xaVUZrcEJTUlpRRmdzTERWOEJEQW9KQzFoWUMxc1BYRm9LQ1ZoWVdnQllBUXhkV0F0YVcxOEFGMU5LQXdnREFROE5DZ2dWU2x4TmJWQlVYRlpNVFJsUldGZGRWVnhMRXc0SUFCWk5GMXhCU1ZaTFRVb1dCWGxSVFUxSlNnTVdGbHhNVmxzWFFGWk1TazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTZz09Il0sWy02NywiLSJdLFstMSwiTGludXggeDg2XzY0Il0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwidGNibG9ja1wiLFwic2VhcmNoYm94QmxvY2tcIixcImdldFhNTGh0dHBcIixcImZhbGxiYWNrUmVkaXJlY3RcIixcImFqYXhRdWVyeVwiLFwiYWpheEJhY2tmaWxsXCIsXCJsb2FkRmVlZFwiLFwieG1sSHR0cFwiLFwiZ2V0TG9hZEZlZWRBcmd1bWVudHNcIixcIl9fY3RjZ19jdF84MDcwNV9leGVjXCIsXCJOb3RpZnlQYWludEV2ZW50XCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstOSwiLSJdLFstMTMsIi0iXSxbLTM0LCItIl0sWy0zNywiLSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwMDAwMSJdLFstNTAsIi0iXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWy01OCwiLSJdLFstNjEsIi0iXSxbLTY5LCJXaW4zMnx8fDMyfC18LSJdLFstMTgsIlsxLDAsMCwwXSJdLFstMjgsImVuLVVTLGVuIl0sWy0zMywiLSJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCJbXCItXCIsXCItXCIsXCItXCIsXCItXCIsXCItXCJdIl0sWy01MywiMDAxIl0sWyJibmNoIiwxOTRdLFstOCwiLSJdLFstMTYsIjAiXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNDYsIjAiXSxbLTUxLCItIl0sWy02OCwiLSJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTAxMTAwMDAwMDEwIl0sWyJkZGIiLCIwLDMsMCwxLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwxLDAsMCwwLDAsMCwyLDIsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMTAsMCw1LDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwIl0sWyJjYiIsIjEsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDI2LDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D\u0026dep=0\u0026pre=0\u0026sdd=\u0026cri=SgddTnQs0o\u0026pto=572\u0026ver=65\u0026gac=-\u0026mei=\u0026ap=\u0026fe=1\u0026duid=1.1766350926.0elmto5HF2KqJBlI\u0026suid=1.1766350926.18LoEalReMUUGG0H\u0026tuid=1.1766350926.m1W3Nwq6ADycKz7T\u0026fbc=-\u0026gtm=-\u0026it=7%2C285%2C66\u0026fbcl=-\u0026gacl=-\u0026gacsd=-\u0026rtic=-\u0026rtict=-\u0026bgc=-\u0026spa=1\u0026urid=0\u0026ab=\u0026sck=-\u0026io=aGA2Og%3D%3D","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae016a9d6a38b825adc4554f40664388","sha1":"f161d7e4632d489ec79e16bb328c40c2e5b0119a","sha256":"83ac7346ec65838028da44b0b17c8d599229f9d386ff04f8e9133072ed72c6e6","sha512":"071d4675fe2aa641ad46ee591b59ebb8f12523ccc4fe2507e8120da32872d49396d10cc40b9f1149700e566604e8f8ba893ef56ddbedd7cc4c2b736cf68672b0","ssdeep":"","tlshash":"3c612a7c21187db4891586bae357be779b9249772e8f819e0473e30b0d2ab4ee711484","size":3401,"data":"","first_seen":"2025-12-21T21:02:30.528747Z","last_seen":"2025-12-21T21:02:30.528747Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:16.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1755\r\nOrigin: https://ww38.mous.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nCookie: cg_uuid=498b02f33ed1d1f4b81a4e5ea0b51e6b\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1755,"data":"e=37dfbd8ee84e00126ce8c430ea4e889b9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d8b8bdb072e6918fd2d2305d33a8966950c315427c657550e35565ac7eb6d1d77be26bb25cb43e29232f54c69a8132c7b19c452e944ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf423ee499b6f564eb63ed1fcc64a61d2a2ca6d537783b7a58856499eb40b25163a7dbae234e7e3cd6943232c9d51d0c2056770208f5dd78347554f1f34f7fd8afa47bc5e45f714e2baca1f1c29c24bb8e8848f744c20d2c68ceef9bb6fe288299a03785391c89bd8d6c5b1ce87e28ef931c7ab387be37914eb60cadd54588119a9120873b35898b3bca31c5c0e2f293fda14c7bb570e8a9f0285134bcd37f82e750b957387ec54148d7c2db988fbc9233887286d0f5987fea7b6b2483686bccd4d10067d1e233f341c4955cb070a176000416ca3bb00ed7cbec30fa893bcb1aec83d9c9648b5e0423bd521747754c7dd1a76eb8058c8c8b64ebde60feb122d185e5e85689f0bf1f293ec6a95a44fab9025d0ee2c7e474ae2887f840fda272a076cb309553d414cba93cc7182ff8af92663c3f7c022a0b5f11b6e29071d300bf59534021ffa852dc9e1c10e3bfdebba071c5ece0e09bfeaff026532eaf02dfe24b6491427b1ad0655b7269f672ad7007c2be9d3ece3fd25dfda9578cc27fc5021d3d3241394ac8d2eec93d65549d1e4396d6d9b2b2cc4d0496cce208c793112ea5b7774b1ef9e9cb4a33f362dc0b8d10f13e8513dcce15fbbf32eb998eccc54605ec9e7c228407d2c4e3d05c9b08260a17d6281542bbc83293fe568ec089c254d195d3624a663be16efa41f30aece33cc16b1c7f53307f63f30edbc3215fb86fc0a7f529cb8f10dd6679ae0d6e6cc2bd931850ef71f58e10c615715d08ae312c9ebd882b98062c90850fb3809eacd500c857482317fa6b370ddfc34e4eb03de7fec12a8fcffe570b29b0602114169e5442ec9cee1b11947e6391d3de07dbdee48a057ef7\u0026cri=SgddTnQs0o\u0026sf=0\u0026dc=\u0026cp=10\u0026gtm=-\u0026gac=-\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=10006\u0026mo=0\u0026pn=10753\u0026spn=746\u0026fp=361\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://ww38.mous.xyz\r\ncontent-type: application/json\r\ndate: Sun, 21 Dec 2025 21:02:16 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/ct?id=80705\u0026url=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F\u0026sf=0\u0026tpi=\u0026ch=AdsDeli%20-%20domain%20-%20landingpage\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tsf=0\u0026tsfmi=\u0026tsfu=\u0026cb=1766350926410\u0026hl=2\u0026op=0\u0026ag=2881387774\u0026rand=640212619251821958028782659010020289272118212821160127962696096121791058655260469075051181\u0026fs=1280x1024\u0026fst=1280x1024\u0026np=win32\u0026nv=\u0026ref=\u0026ss=1280x1024\u0026nc=0\u0026at=\u0026di=W1siZWYiLDQxNDddLFsiYWJuY2giLDZdLFstMzEsImZhbHNlIl0sWy0zOCwiaSwtMSwtMSwxMSwwLDAsMCwwLDEyMCw2MiwtMSwwLCwzNjEsMzk5LDM5OCJdLFstNSwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwiMVwiIl0sWy0xNywiMzIiXSxbLTQwLCIzNyJdLFstNDQsIjAsNSwwLDUiXSxbLTE1LCItIl0sWy0yMSwiLSJdLFstMjQsIltdIl0sWy0zMiwiMCJdLFstMzUsIlsxNzY2MzUwOTI2MjU0LDBdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2VdIl0sWy02MCwiLSJdLFstNjYsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTI2LCItIl0sWy00OSwiLSJdLFstNTksIi0iXSxbLTY1LCItIl0sWy03MCwiLSJdLFstNCwiLSJdLFstNywiLSJdLFstMTAsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTU1LCIwIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNzQsIi0iXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcIm1lc2FcIixcInJcIjpcImxsdm1waXBlXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjBcIixcImd2ZW5cIjpcIm1vemlsbGFcIixcImJlblwiOjI0LFwid2dsXCI6MSxcImdyZW5cIjpcImxsdm1waXBlXCIsXCJzZWZcIjo0OTQxOTUwNDMsXCJzZWNcIjpcIlwifSJdLFstMiwiMyxJc045bkduV2JBWUFJeE5mUWFPcUdFMENGQVFzY0cwMEluaE9iWUJBS1lVT3pRTzZFWDAyMEltR0xjdTYydXJkUC9jMmQycE5tVlpBd2YzLy84ejc5R3JIYTFXdTNPbVhQUHZlIl0sWy0xNCwiLSJdLFstMjAsIi0iXSxbLTI1LCItIl0sWy0yNywiLSJdLFstMjksIi0iXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTUyLCItIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCwxMDI0LDAsMCwwLDAsXCItXCIsXCItXCIsMTI4MCwxMDI0LG51bGxdIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstNDEsIi0iXSxbLTcyLCJFeFU9Il0sWy03MywiRWhRPSJdLFstMjMsIisiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIlMzbFJUVTFKU2dNV0ZseE1WbHNYUUZaTVNrMVlTMHBiVEZCVlhWQlhYaGRhVmxRV1NrRkpGbEFXQ3dzTlh3RU1DZ2tMV0ZnTFd3OWNXZ29KV0ZoYUFGZ0JERjFZQzFwYlh3QVhVMG9EQ0FNQkR3c0tDaFVPQ0FBV1RSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWmNURlpiRjBCV1RFcE5XRXRLVzB4UVZWMVFWMTRYV2xaVUZrcEJTUlpRRmdzTERWOEJEQW9KQzFoWUMxc1BYRm9LQ1ZoWVdnQllBUXhkV0F0YVcxOEFGMU5LQXdnREFROE5DZ2dWU2x4TmJWQlVYRlpNVFJsUldGZGRWVnhMRXc0SUFCWk5GMXhCU1ZaTFRVb1dCWGxSVFUxSlNnTVdGbHhNVmxzWFFGWk1TazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTZz09Il0sWy02NywiLSJdLFstMSwiTGludXggeDg2XzY0Il0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwidGNibG9ja1wiLFwic2VhcmNoYm94QmxvY2tcIixcImdldFhNTGh0dHBcIixcImZhbGxiYWNrUmVkaXJlY3RcIixcImFqYXhRdWVyeVwiLFwiYWpheEJhY2tmaWxsXCIsXCJsb2FkRmVlZFwiLFwieG1sSHR0cFwiLFwiZ2V0TG9hZEZlZWRBcmd1bWVudHNcIixcIl9fY3RjZ19jdF84MDcwNV9leGVjXCIsXCJOb3RpZnlQYWludEV2ZW50XCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstOSwiLSJdLFstMTMsIi0iXSxbLTM0LCItIl0sWy0zNywiLSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwMDAwMSJdLFstNTAsIi0iXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWy01OCwiLSJdLFstNjEsIi0iXSxbLTY5LCJXaW4zMnx8fDMyfC18LSJdLFstMTgsIlsxLDAsMCwwXSJdLFstMjgsImVuLVVTLGVuIl0sWy0zMywiLSJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCJbXCItXCIsXCItXCIsXCItXCIsXCItXCIsXCItXCJdIl0sWy01MywiMDAxIl0sWyJibmNoIiwxOTRdLFstOCwiLSJdLFstMTYsIjAiXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNDYsIjAiXSxbLTUxLCItIl0sWy02OCwiLSJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTAxMTAwMDAwMDEwIl0sWyJkZGIiLCIwLDMsMCwxLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwxLDAsMCwwLDAsMCwyLDIsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMTAsMCw1LDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwIl0sWyJjYiIsIjEsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDI2LDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D\u0026dep=0\u0026pre=0\u0026sdd=\u0026cri=SgddTnQs0o\u0026pto=572\u0026ver=65\u0026gac=-\u0026mei=\u0026ap=\u0026fe=1\u0026duid=1.1766350926.0elmto5HF2KqJBlI\u0026suid=1.1766350926.18LoEalReMUUGG0H\u0026tuid=1.1766350926.m1W3Nwq6ADycKz7T\u0026fbc=-\u0026gtm=-\u0026it=7%2C285%2C66\u0026fbcl=-\u0026gacl=-\u0026gacsd=-\u0026rtic=-\u0026rtict=-\u0026bgc=-\u0026spa=1\u0026urid=0\u0026ab=\u0026sck=-\u0026io=aGA2Og%3D%3D","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"GET /ct?id=80705\u0026url=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F\u0026sf=0\u0026tpi=\u0026ch=AdsDeli%20-%20domain%20-%20landingpage\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tsf=0\u0026tsfmi=\u0026tsfu=\u0026cb=1766350926410\u0026hl=2\u0026op=0\u0026ag=2881387774\u0026rand=640212619251821958028782659010020289272118212821160127962696096121791058655260469075051181\u0026fs=1280x1024\u0026fst=1280x1024\u0026np=win32\u0026nv=\u0026ref=\u0026ss=1280x1024\u0026nc=0\u0026at=\u0026di=W1siZWYiLDQxNDddLFsiYWJuY2giLDZdLFstMzEsImZhbHNlIl0sWy0zOCwiaSwtMSwtMSwxMSwwLDAsMCwwLDEyMCw2MiwtMSwwLCwzNjEsMzk5LDM5OCJdLFstNSwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwiMVwiIl0sWy0xNywiMzIiXSxbLTQwLCIzNyJdLFstNDQsIjAsNSwwLDUiXSxbLTE1LCItIl0sWy0yMSwiLSJdLFstMjQsIltdIl0sWy0zMiwiMCJdLFstMzUsIlsxNzY2MzUwOTI2MjU0LDBdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2VdIl0sWy02MCwiLSJdLFstNjYsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTI2LCItIl0sWy00OSwiLSJdLFstNTksIi0iXSxbLTY1LCItIl0sWy03MCwiLSJdLFstNCwiLSJdLFstNywiLSJdLFstMTAsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTU1LCIwIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNzQsIi0iXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcIm1lc2FcIixcInJcIjpcImxsdm1waXBlXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjBcIixcImd2ZW5cIjpcIm1vemlsbGFcIixcImJlblwiOjI0LFwid2dsXCI6MSxcImdyZW5cIjpcImxsdm1waXBlXCIsXCJzZWZcIjo0OTQxOTUwNDMsXCJzZWNcIjpcIlwifSJdLFstMiwiMyxJc045bkduV2JBWUFJeE5mUWFPcUdFMENGQVFzY0cwMEluaE9iWUJBS1lVT3pRTzZFWDAyMEltR0xjdTYydXJkUC9jMmQycE5tVlpBd2YzLy84ejc5R3JIYTFXdTNPbVhQUHZlIl0sWy0xNCwiLSJdLFstMjAsIi0iXSxbLTI1LCItIl0sWy0yNywiLSJdLFstMjksIi0iXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTUyLCItIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCwxMDI0LDAsMCwwLDAsXCItXCIsXCItXCIsMTI4MCwxMDI0LG51bGxdIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstNDEsIi0iXSxbLTcyLCJFeFU9Il0sWy03MywiRWhRPSJdLFstMjMsIisiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIlMzbFJUVTFKU2dNV0ZseE1WbHNYUUZaTVNrMVlTMHBiVEZCVlhWQlhYaGRhVmxRV1NrRkpGbEFXQ3dzTlh3RU1DZ2tMV0ZnTFd3OWNXZ29KV0ZoYUFGZ0JERjFZQzFwYlh3QVhVMG9EQ0FNQkR3c0tDaFVPQ0FBV1RSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWmNURlpiRjBCV1RFcE5XRXRLVzB4UVZWMVFWMTRYV2xaVUZrcEJTUlpRRmdzTERWOEJEQW9KQzFoWUMxc1BYRm9LQ1ZoWVdnQllBUXhkV0F0YVcxOEFGMU5LQXdnREFROE5DZ2dWU2x4TmJWQlVYRlpNVFJsUldGZGRWVnhMRXc0SUFCWk5GMXhCU1ZaTFRVb1dCWGxSVFUxSlNnTVdGbHhNVmxzWFFGWk1TazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTZz09Il0sWy02NywiLSJdLFstMSwiTGludXggeDg2XzY0Il0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwidGNibG9ja1wiLFwic2VhcmNoYm94QmxvY2tcIixcImdldFhNTGh0dHBcIixcImZhbGxiYWNrUmVkaXJlY3RcIixcImFqYXhRdWVyeVwiLFwiYWpheEJhY2tmaWxsXCIsXCJsb2FkRmVlZFwiLFwieG1sSHR0cFwiLFwiZ2V0TG9hZEZlZWRBcmd1bWVudHNcIixcIl9fY3RjZ19jdF84MDcwNV9leGVjXCIsXCJOb3RpZnlQYWludEV2ZW50XCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstOSwiLSJdLFstMTMsIi0iXSxbLTM0LCItIl0sWy0zNywiLSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwMDAwMSJdLFstNTAsIi0iXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWy01OCwiLSJdLFstNjEsIi0iXSxbLTY5LCJXaW4zMnx8fDMyfC18LSJdLFstMTgsIlsxLDAsMCwwXSJdLFstMjgsImVuLVVTLGVuIl0sWy0zMywiLSJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCJbXCItXCIsXCItXCIsXCItXCIsXCItXCIsXCItXCJdIl0sWy01MywiMDAxIl0sWyJibmNoIiwxOTRdLFstOCwiLSJdLFstMTYsIjAiXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNDYsIjAiXSxbLTUxLCItIl0sWy02OCwiLSJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTAxMTAwMDAwMDEwIl0sWyJkZGIiLCIwLDMsMCwxLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwxLDAsMCwwLDAsMCwyLDIsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMTAsMCw1LDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwIl0sWyJjYiIsIjEsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDI2LDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D\u0026dep=0\u0026pre=0\u0026sdd=\u0026cri=SgddTnQs0o\u0026pto=572\u0026ver=65\u0026gac=-\u0026mei=\u0026ap=\u0026fe=1\u0026duid=1.1766350926.0elmto5HF2KqJBlI\u0026suid=1.1766350926.18LoEalReMUUGG0H\u0026tuid=1.1766350926.m1W3Nwq6ADycKz7T\u0026fbc=-\u0026gtm=-\u0026it=7%2C285%2C66\u0026fbcl=-\u0026gacl=-\u0026gacsd=-\u0026rtic=-\u0026rtict=-\u0026bgc=-\u0026spa=1\u0026urid=0\u0026ab=\u0026sck=-\u0026io=aGA2Og%3D%3D HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\nset-cookie: cg_uuid=498b02f33ed1d1f4b81a4e5ea0b51e6b; Max-Age=29030400; Path=/; Expires=Sun, 22 Nov 2026 21:02:06 GMT; HttpOnly; Secure; SameSite=None\r\ntiming-allow-origin: https://ww38.mous.xyz\r\ncontent-length: 1163\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3401,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3401), with no line terminators","md5":"ae016a9d6a38b825adc4554f40664388","sha1":"f161d7e4632d489ec79e16bb328c40c2e5b0119a","sha256":"83ac7346ec65838028da44b0b17c8d599229f9d386ff04f8e9133072ed72c6e6","sha512":"071d4675fe2aa641ad46ee591b59ebb8f12523ccc4fe2507e8120da32872d49396d10cc40b9f1149700e566604e8f8ba893ef56ddbedd7cc4c2b736cf68672b0","ssdeep":"","tlshash":"3c612a7c21187db4891586bae357be779b9249772e8f819e0473e30b0d2ab4ee711484","first_seen":"2025-12-21T21:02:30.528747Z","last_seen":"2025-12-21T21:02:30.528747Z","times_seen":1,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":103,"dns":2,"connect":34,"send":0,"wait":64,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:52 GMT","end":"Wed, 25 Feb 2026 15:59:51 GMT"},"fingerprint":{"sha1":"E4:25:76:F6:C4:FB:46:FE:7A:37:E5:D8:E5:14:75:A2:B3:75:D2:9B","sha256":"34:44:B0:C8:96:F4:D4:42:DB:58:BD:4B:C9:72:0A:E2:31:20:B1:87:B3:2A:DD:E7:6B:62:AA:AB:58:B6:92:89"}}},"request":{"raw":"GET /sodar/sodar2.js HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 7188\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nexpires: Sun, 21 Dec 2025 21:02:06 GMT\r\ncache-control: private, max-age=3000\r\netag: \"1747411493688989\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19990,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1398)","md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":28,"dns":1,"connect":8,"send":0,"wait":18,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:09.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1752\r\nOrigin: https://ww38.mous.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nCookie: cg_uuid=498b02f33ed1d1f4b81a4e5ea0b51e6b\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1752,"data":"e=37dfbd8ee84e00126ce8c430ea4e889b9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d8b8bdb072e6918fd2d2305d33a8966950c315427c657550e35565ac7eb6d1d77be26bb25cb43e29232f54c69a8132c7b19c452e944ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf423ee499b6f564eb63ed1fcc64a61d2a2ca6d537783b7a58856499eb40b25163a7dbae234e7e3cd6943232c9d51d0c2056770208f5dd78347554f1f34f7fd8afa47bc5e45f714e2baca1f1c29c24bb8e8848f744c20d2c68ceef9bb6fe288299a03785391c89bd8d6c5b1ce87e28ef931c7ab387be37914eb60cadd54588119a9120873b35898b3bca31c5c0e2f293fda14c7bb570e8a9f0285134bcd37f82e750b957387ec54148d7c2db988fbc9233887286d0f5987fea7b6b2483686bccd4d10067d1e233f341c4955cb070a176000416ca3bb00ed7cbec30fa893bcb1aec83d9c9648b5e0423bd521747754c7dd1a76eb8058c8c8b64ebde60feb122d185e5e85689f0bf1f293ec6a95a44fab9025d0ee2c7e474ae2887f840fda272a076cb309553d414cba93cc7182ff8af92663c3f7c022a0b5f11b6e29071d300bf59534021ffa852dc9e1c10e3bfdebba071c5ece0e09bfeaff026532eaf02dfe24b6491427b1ad0655b7269f672ad7007c2be9d3ece3fd25dfda9578cc27fc5021d3d3241394ac8d2eec93d65549d1e4396d6d9b2b2cc4d0496cce208c793112ea5b7774b1ef9e9cb4a33f362dc0b8d10f13e8513dcce15fbbf32eb998eccc54605ec9e7c228407d2c4e3d05c9b08260a17d6281542bbc83293fe568ec089c254d195d3624a663be16efa41f30aece33cc16b1c7f53307f63f30edbc3215fb86fc0a7f529cb8f10dd6679ae0d6e6cc2bd931850ef71f58e10c615715d08ae312c9ebd882b98062c90850fb3809eacd500c857482317fa6b370ddfc34e4eb03de7fec12a8fcffe570b29b0602114169e5442ec9cee1b11947e6391d3de07dbdee48a057ef7\u0026cri=SgddTnQs0o\u0026sf=0\u0026dc=\u0026cp=3\u0026gtm=-\u0026gac=-\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=3002\u0026mo=0\u0026pn=3749\u0026spn=746\u0026fp=361\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://ww38.mous.xyz\r\ncontent-type: application/json\r\ndate: Sun, 21 Dec 2025 21:02:09 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:21.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1755\r\nOrigin: https://ww38.mous.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nCookie: cg_uuid=498b02f33ed1d1f4b81a4e5ea0b51e6b\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1755,"data":"e=37dfbd8ee84e00126ce8c430ea4e889b9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d8b8bdb072e6918fd2d2305d33a8966950c315427c657550e35565ac7eb6d1d77be26bb25cb43e29232f54c69a8132c7b19c452e944ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf423ee499b6f564eb63ed1fcc64a61d2a2ca6d537783b7a58856499eb40b25163a7dbae234e7e3cd6943232c9d51d0c2056770208f5dd78347554f1f34f7fd8afa47bc5e45f714e2baca1f1c29c24bb8e8848f744c20d2c68ceef9bb6fe288299a03785391c89bd8d6c5b1ce87e28ef931c7ab387be37914eb60cadd54588119a9120873b35898b3bca31c5c0e2f293fda14c7bb570e8a9f0285134bcd37f82e750b957387ec54148d7c2db988fbc9233887286d0f5987fea7b6b2483686bccd4d10067d1e233f341c4955cb070a176000416ca3bb00ed7cbec30fa893bcb1aec83d9c9648b5e0423bd521747754c7dd1a76eb8058c8c8b64ebde60feb122d185e5e85689f0bf1f293ec6a95a44fab9025d0ee2c7e474ae2887f840fda272a076cb309553d414cba93cc7182ff8af92663c3f7c022a0b5f11b6e29071d300bf59534021ffa852dc9e1c10e3bfdebba071c5ece0e09bfeaff026532eaf02dfe24b6491427b1ad0655b7269f672ad7007c2be9d3ece3fd25dfda9578cc27fc5021d3d3241394ac8d2eec93d65549d1e4396d6d9b2b2cc4d0496cce208c793112ea5b7774b1ef9e9cb4a33f362dc0b8d10f13e8513dcce15fbbf32eb998eccc54605ec9e7c228407d2c4e3d05c9b08260a17d6281542bbc83293fe568ec089c254d195d3624a663be16efa41f30aece33cc16b1c7f53307f63f30edbc3215fb86fc0a7f529cb8f10dd6679ae0d6e6cc2bd931850ef71f58e10c615715d08ae312c9ebd882b98062c90850fb3809eacd500c857482317fa6b370ddfc34e4eb03de7fec12a8fcffe570b29b0602114169e5442ec9cee1b11947e6391d3de07dbdee48a057ef7\u0026cri=SgddTnQs0o\u0026sf=0\u0026dc=\u0026cp=15\u0026gtm=-\u0026gac=-\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=15009\u0026mo=0\u0026pn=15756\u0026spn=746\u0026fp=361\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://ww38.mous.xyz\r\ncontent-type: application/json\r\ndate: Sun, 21 Dec 2025 21:02:21 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"euob.youstarsbuilding.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js","fqdn":"euob.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"65.9.46.116","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 18 May 2025 00:00:00 GMT","end":"Tue, 16 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EA:29:53:45:CD:1F:37:FB:0A:5B:EE:BA:2B:10:20:63:7D:EE:AB:EB","sha256":"2F:1E:65:36:AB:FD:A7:A0:E2:EF:4F:B3:C2:81:B9:D4:40:D5:97:BE:7F:28:61:2C:32:1D:24:77:4B:21:66:37"}}},"request":{"raw":"GET /sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js HTTP/1.1\r\nHost: euob.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 44280\r\ncontent-encoding: gzip\r\nserver: Caddy\r\ndate: Sun, 21 Dec 2025 13:56:54 GMT\r\ncache-control: max-age=43200\r\nexpires: Mon, 22 Dec 2025 01:56:51 GMT\r\netag: \"1d43c-wQYUO2RTFNKsOEgFaNY5b5Iaq8s\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 48238c381b3e8aba2677f8bc0bda423c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: VDXDlwTQbVD3JI8swA0LF9BXcKMShhUbHEPFVh6hExH7Xia8ZTIpJQ==\r\nage: 25515\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":119868,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"data","md5":"8029362628da964c8180dcd7ce5dee64","sha1":"c106143b645314d2ac38480568d6396f921aabcb","sha256":"4413059d59ca7cca178af3bbbc46eefc5a1e9f6f79fb54d475c308be87309d60","sha512":"215441c90181b9f91c827e1ce2c6eba4fbca697e409e9c0333a97ddca78a309e5eec907c8b357a7b6e0d7611a4b55dc55c8d9e5a4390ddc1edb0bd6de9ce0b02","ssdeep":"1536:Qu5y/b5E0bwM7sIo8L0SUs8LonlEzsjxM96nhXxwcTkYtsdlBnFIUtY0PVEWm/5c:QuQb7O8hzjnhGdhtNP8/kLP/VVZF","tlshash":"3cc3d79db2e27025439334a5157f410ae27b5e503c4b8294d27ee9d4ac7ce8e817bfac","first_seen":"2025-11-17T13:15:00.257414Z","last_seen":"2026-01-07T13:44:42.282578Z","times_seen":17041,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":26,"dns":0,"connect":10,"send":0,"wait":12,"receive":9,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026adsdeli=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:20 GMT","end":"Wed, 25 Feb 2026 15:57:19 GMT"},"fingerprint":{"sha1":"13:5B:80:5A:23:15:61:AE:98:37:1B:0A:3C:F6:E2:BD:63:8E:3B:D6","sha256":"22:03:24:94:F7:E3:5F:66:1B:39:CE:18:75:20:3D:01:AC:FE:93:AA:1A:73:8C:D5:34:98:AB:2B:E5:19:37:12"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026adsdeli=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nexpires: Sun, 21 Dec 2025 21:02:06 GMT\r\ncache-control: private, max-age=3600\r\netag: \"12987528940678181325\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134027,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"226d8b922a47d1d01896328ac5f29080","sha1":"228b48495e20d50326164178f4e05c1df4c8e630","sha256":"f95fea007424808c54a06a6bd7a7e0297f46d00d9bdf134afa78245f7e3903fc","sha512":"da97c330d247dab15073920cde860a1491c147eb2ce02a1e917a6ffc6e7b5bbab681395d3a3e394685091a2956ca62a15b2704d32cc5a1d0caae25036c86149c","ssdeep":"1536:MzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:XuydkXiR5zzTq+bxpD3ZV4T","tlshash":"9bd33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","first_seen":"2025-12-11T16:42:36.25698Z","last_seen":"2026-01-07T19:22:29.46074Z","times_seen":14588,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":58,"dns":1,"connect":8,"send":0,"wait":19,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=7%2FgR8W1BTZ6z7tdUFVg5mw%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011%2Cbucket077\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww38.mous.xyz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.d1rdkcCeoY4meTYqwYzO_3p8nNKSkKYHlmNJNc9KJU-jdpJmONBjrg.SD6kDIKQtOdOtdfUiOWOXA.UaFAOM9herv75MDv6-5_g4LlvJYvJ1PKSBX2oW8xVn-0mHUoB7WaB0sbZO0N7cJ1b8SkgVYl80CTTC6ZDlsAQXWZ-GfRFAqvrJ-L3VcFZyWcPYlisuBh59Zooq3KMZfRQmVckYryGNYpTK4JNDvI0-PAm44-Wn0gnq45bKYZm60v2ei1j_P7a88wyaWOrt6lsY8fTwQfapRF9oT20B_dRSOjW2q5PkNNUxleU4lqwgrrc9hVaPrHsqVdPoBsJbB2QksDjqKcBUb3TKjJ08dpWLSRxKbXhHR2kZWSZE6wnMNIzpffVcIsemWXGFPQ3dOo1HcwoKFplXEGaW9RL1JX-qZ5xlHR6BtnCH24s8J12rseyZ4tIHIog8AZievjA_kWI0fL3bieXHKZ0xAjRBpZEd4He4GBtBvHgz7zonZweis2TklC_LuxGDF-S_3oognKEi-fCedHdYhNBSLwETd5xiVn_VVTEicSQCCcnj8zGkP1I-y95Kz8TrkNusMBSD_SwvV-DQHJTVhnzDafU759t8nBxDnfZ_t48jQMSaaNQG4cnmkjDL1pwHCfJ9wDLfc8krgSCrAo2lynY0Xiqoxf1DnGSYdw1xFSDKULL2GkPsomHNmlwDp5KME4bxad_zO-.9Q2i8MbLZ3lvm8R_lvRWpQ\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=5031766350926416\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.mous.xyz\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1766350926417\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F","date":"2025-12-21T21:02:06.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:55 GMT","end":"Wed, 25 Feb 2026 15:59:54 GMT"},"fingerprint":{"sha1":"E1:2F:78:B9:70:56:82:55:8F:41:90:B0:9A:C0:C3:0F:E6:89:5E:9A","sha256":"65:E4:E5:2E:71:67:66:D0:0B:50:31:80:5A:C3:63:4C:C6:F8:8D:BF:5C:0C:3A:82:A6:17:4B:BB:C8:ED:DA:8D"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nexpires: Sun, 21 Dec 2025 21:02:06 GMT\r\ncache-control: private, max-age=3600\r\netag: \"16356897480330983528\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134034,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"6cb2ae5fef74172bd46fac2076465814","sha1":"8a69280b6ae834ae875865e26a83c782c303f509","sha256":"2b0280579e3a031edcdd4a833827f74797b72ada721b69f148823c048cc3ad56","sha512":"bcbb70e3f933a33bb19e773efe9d4cd7c32e61aafdbc119ae2728c7d8206fe4e420e1d9687cfb9148824d8a3f1f7e79c8a8e17c71dd512b4a6a7d387f296e509","ssdeep":"1536:/zL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:SuydkXiR5zzTq+bxpD3ZV4T","tlshash":"a2d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","first_seen":"2025-12-11T16:43:36.5228Z","last_seen":"2026-01-07T19:29:49.170183Z","times_seen":11621,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=7%2FgR8W1BTZ6z7tdUFVg5mw%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011%2Cbucket077\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww38.mous.xyz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.d1rdkcCeoY4meTYqwYzO_3p8nNKSkKYHlmNJNc9KJU-jdpJmONBjrg.SD6kDIKQtOdOtdfUiOWOXA.UaFAOM9herv75MDv6-5_g4LlvJYvJ1PKSBX2oW8xVn-0mHUoB7WaB0sbZO0N7cJ1b8SkgVYl80CTTC6ZDlsAQXWZ-GfRFAqvrJ-L3VcFZyWcPYlisuBh59Zooq3KMZfRQmVckYryGNYpTK4JNDvI0-PAm44-Wn0gnq45bKYZm60v2ei1j_P7a88wyaWOrt6lsY8fTwQfapRF9oT20B_dRSOjW2q5PkNNUxleU4lqwgrrc9hVaPrHsqVdPoBsJbB2QksDjqKcBUb3TKjJ08dpWLSRxKbXhHR2kZWSZE6wnMNIzpffVcIsemWXGFPQ3dOo1HcwoKFplXEGaW9RL1JX-qZ5xlHR6BtnCH24s8J12rseyZ4tIHIog8AZievjA_kWI0fL3bieXHKZ0xAjRBpZEd4He4GBtBvHgz7zonZweis2TklC_LuxGDF-S_3oognKEi-fCedHdYhNBSLwETd5xiVn_VVTEicSQCCcnj8zGkP1I-y95Kz8TrkNusMBSD_SwvV-DQHJTVhnzDafU759t8nBxDnfZ_t48jQMSaaNQG4cnmkjDL1pwHCfJ9wDLfc8krgSCrAo2lynY0Xiqoxf1DnGSYdw1xFSDKULL2GkPsomHNmlwDp5KME4bxad_zO-.9Q2i8MbLZ3lvm8R_lvRWpQ\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=5031766350926416\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.mous.xyz\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1766350926417\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F","date":"2025-12-21T21:02:06.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:52:44 GMT","end":"Wed, 25 Feb 2026 15:52:43 GMT"},"fingerprint":{"sha1":"6A:F0:34:52:EF:16:19:7F:E7:B8:2A:C3:D8:EC:36:27:5F:48:61:31","sha256":"15:AF:19:35:54:71:85:51:A2:01:3A:93:C7:2E:1A:DF:0B:24:9A:C4:A8:2A:59:2F:4B:82:64:81:BB:74:37:D8"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 21 Dec 2025 03:35:53 GMT\r\nexpires: Mon, 22 Dec 2025 02:35:53 GMT\r\ncache-control: public, max-age=82800\r\nage: 62773\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11b3089d616633ca6b73b57aa877eeb4","sha1":"07632f63e06b30d9b63c97177d3a8122629bda9b","sha256":"809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1","sha512":"079b0e35b479dfdbe64a987661000f4a034b10688e26f2a5fe6aaa807e81ccc5593d40609b731ab3340e687d83dd08de4b8b1e01cdac9d4523a9f6bb3acfcba0","ssdeep":"","tlshash":"d9d02291c2182d28441e82e0c37c312600fab0a2634c00dcfa80e300b20c9abb861669","first_seen":"2023-04-06T23:53:06Z","last_seen":"2026-04-01T02:57:50.32115Z","times_seen":412182,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":51,"dns":1,"connect":8,"send":0,"wait":10,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=7%2FgR8W1BTZ6z7tdUFVg5mw%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011%2Cbucket077\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww38.mous.xyz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.d1rdkcCeoY4meTYqwYzO_3p8nNKSkKYHlmNJNc9KJU-jdpJmONBjrg.SD6kDIKQtOdOtdfUiOWOXA.UaFAOM9herv75MDv6-5_g4LlvJYvJ1PKSBX2oW8xVn-0mHUoB7WaB0sbZO0N7cJ1b8SkgVYl80CTTC6ZDlsAQXWZ-GfRFAqvrJ-L3VcFZyWcPYlisuBh59Zooq3KMZfRQmVckYryGNYpTK4JNDvI0-PAm44-Wn0gnq45bKYZm60v2ei1j_P7a88wyaWOrt6lsY8fTwQfapRF9oT20B_dRSOjW2q5PkNNUxleU4lqwgrrc9hVaPrHsqVdPoBsJbB2QksDjqKcBUb3TKjJ08dpWLSRxKbXhHR2kZWSZE6wnMNIzpffVcIsemWXGFPQ3dOo1HcwoKFplXEGaW9RL1JX-qZ5xlHR6BtnCH24s8J12rseyZ4tIHIog8AZievjA_kWI0fL3bieXHKZ0xAjRBpZEd4He4GBtBvHgz7zonZweis2TklC_LuxGDF-S_3oognKEi-fCedHdYhNBSLwETd5xiVn_VVTEicSQCCcnj8zGkP1I-y95Kz8TrkNusMBSD_SwvV-DQHJTVhnzDafU759t8nBxDnfZ_t48jQMSaaNQG4cnmkjDL1pwHCfJ9wDLfc8krgSCrAo2lynY0Xiqoxf1DnGSYdw1xFSDKULL2GkPsomHNmlwDp5KME4bxad_zO-.9Q2i8MbLZ3lvm8R_lvRWpQ\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=5031766350926416\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.mous.xyz\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1766350926417\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F","date":"2025-12-21T21:02:06.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:52:44 GMT","end":"Wed, 25 Feb 2026 15:52:43 GMT"},"fingerprint":{"sha1":"6A:F0:34:52:EF:16:19:7F:E7:B8:2A:C3:D8:EC:36:27:5F:48:61:31","sha256":"15:AF:19:35:54:71:85:51:A2:01:3A:93:C7:2E:1A:DF:0B:24:9A:C4:A8:2A:59:2F:4B:82:64:81:BB:74:37:D8"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 270\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 21 Dec 2025 19:34:51 GMT\r\nexpires: Mon, 22 Dec 2025 18:34:51 GMT\r\ncache-control: public, max-age=82800\r\nage: 5235\r\nlast-modified: Thu, 20 Jul 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":391,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8959ddcd9712196961d93f58064ed655","sha1":"62ab1e38e7e9fbf58a04381b76c2d96a9c829f24","sha256":"17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7","sha512":"5e9effa313c30b351345db963238b4afd0728ca302fd79a853c80c89f042266d44cc1d29492520fb0fa80b47135e54e6963dfc21972f6b236b84c1da2fad809d","ssdeep":"","tlshash":"2ae068fa82846d044a8543b0ee09a7a442fff076535d90bbc1e4e6fcb0489eaacd2745","first_seen":"2023-04-08T10:54:48Z","last_seen":"2026-01-21T15:14:27.461955Z","times_seen":243741,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":60,"dns":1,"connect":8,"send":0,"wait":9,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:52 GMT","end":"Wed, 25 Feb 2026 15:59:51 GMT"},"fingerprint":{"sha1":"E4:25:76:F6:C4:FB:46:FE:7A:37:E5:D8:E5:14:75:A2:B3:75:D2:9B","sha256":"34:44:B0:C8:96:F4:D4:42:DB:58:BD:4B:C9:72:0A:E2:31:20:B1:87:B3:2A:DD:E7:6B:62:AA:AB:58:B6:92:89"}}},"request":{"raw":"GET /sodar/sodar2/237/runner.html HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 5044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 21 Dec 2025 20:57:40 GMT\r\nexpires: Sun, 21 Dec 2025 21:47:40 GMT\r\ncache-control: public, max-age=3000\r\nage: 266\r\nlast-modified: Tue, 13 May 2025 23:17:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2024)","md5":"0120a1d624ff8fc3ec792d93a7133947","sha1":"1e3bd23df78ff2c60b187b40a0c6505be9ab889f","sha256":"14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966","sha512":"84286e299ebc6690ee904b5581cd6aaf6b59d06200b61156923301484d1b75fa517894167c4f4777553ba09c840a2d74a723e3ff112448f00514d910dfd172c5","ssdeep":"192:pl/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mx:rz2NQJIVsTiMH3qzfcOIr1mx","tlshash":"4842a7ccbad2b0210353b4f1a13f400ff13ea8aae44c9954b181e8e17cb56a94667f7d","first_seen":"2025-05-19T23:59:48.478548Z","last_seen":"2026-02-26T18:27:55.136579Z","times_seen":169945,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:07.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2510\r\nOrigin: https://ww38.mous.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nCookie: cg_uuid=498b02f33ed1d1f4b81a4e5ea0b51e6b\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2510,"data":"e=37dfbd8ee84e00126ce8c430ea4e889b9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d8b8bdb072e6918fd2d2305d33a8966950c315427c657550e35565ac7eb6d1d77be26bb25cb43e29232f54c69a8132c7b19c452e944ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf423ee499b6f564eb63ed1fcc64a61d2a2ca6d537783b7a58856499eb40b25163a7dbae234e7e3cd6943232c9d51d0c2056770208f5dd78347554f1f34f7fd8afa47bc5e45f714e2baca1f1c29c24bb8e8848f744c20d2c68ceef9bb6fe288299a03785391c89bd8d6c5b1ce87e28ef931c7ab387be37914eb60cadd54588119a9120873b35898b3bca31c5c0e2f293fda14c7bb570e8a9f0285134bcd37f82e750b957387ec54148d7c2db988fbc9233887286d0f5987fea7b6b2483686bccd4d10067d1e233f341c4955cb070a176000416ca3bb00ed7cbec30fa893bcb1aec83d9c9648b5e0423bd521747754c7dd1a76eb8058c8c8b64ebde60feb122d185e5e85689f0bf1f293ec6a95a44fab9025d0ee2c7e474ae2887f840fda272a076cb309553d414cba93cc7182ff8af92663c3f7c022a0b5f11b6e29071d300bf59534021ffa852dc9e1c10e3bfdebba071c5ece0e09bfeaff026532eaf02dfe24b6491427b1ad0655b7269f672ad7007c2be9d3ece3fd25dfda9578cc27fc5021d3d3241394ac8d2eec93d65549d1e4396d6d9b2b2cc4d0496cce208c793112ea5b7774b1ef9e9cb4a33f362dc0b8d10f13e8513dcce15fbbf32eb998eccc54605ec9e7c228407d2c4e3d05c9b08260a17d6281542bbc83293fe568ec089c254d195d3624a663be16efa41f30aece33cc16b1c7f53307f63f30edbc3215fb86fc0a7f529cb8f10dd6679ae0d6e6cc2bd931850ef71f58e10c615715d08ae312c9ebd882b98062c90850fb3809eacd500c857482317fa6b370ddfc34e4eb03de7fec12a8fcffe570b29b0602114169e5442ec9cee1b11947e6391d3de07dbdee48a057ef7\u0026cri=SgddTnQs0o\u0026sf=0\u0026dc=HBQQCBhvCB8fRR8IHx8IH25DWEFBCB9uHBsUCB9uHhkdHAgfbhscHQgfbhsaGggfbhgaGAgfbhsaGwgfbhgaHAgfbh0IH24eCB9uGhkdCB9uGhkdCBhpCx4cEAgabwgfH1oIHx8IHmwcGh8IH24IHx9FCB8fCB5sGR8IH24IHx9PcggfHwgebBkIGmkLGhwQCBpvCB8fXggfHwgebB0IH24IHx9ACB8fCB5sHQgfbggfH1oIHx8IHmwdCB9uCB8fT3IIHx8IHmwbCBppCxwZHBAIGm8IHx9eCB8fCB5sHAgfbggfH09yCB8fCB5sHQgaaQscGBQQCBpvCB8fSB0IHx8IHmwIHx9eA0pIWW9MWVlIX1QIHx1EXggfHUNCWQgfHUwIHx1LWENOWURCQwgfHwgfbggfH09yCB8fCB5sHAgaaQseHxsQCBhvCBpvCB8fTwgfHwgebB0IH24IHx9eCB8fCB5sCB8fHAgfHwgaaQgfbggabwgfH08IHx8IHmwdCB9uCB8fXggfHwgebAgfHxwIHx8IGmkIGGkLGB8dEAgabwgfH10IHx8IHmwIHx96REMeHwgfHwgfbggfH0EIHx8IHmwIGG8IHx9IQwB4fggfHwgfbggfH0hDCB8fCBhpCB9uCB8fRU4IHx8IHmweHwgfbggfH09yCB8fCB5sGAgaaQsVGhkQCBpvCB8fXggfHwgebB4IH24IHx9YW11MCB8fCB5sHQgfbggfH09yCB8fCB5sHQgaaQ%3D%3D\u0026cp=1\u0026gtm=-\u0026gac=-\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tb=1\u0026ich=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=1000\u0026mo=0\u0026pn=1748\u0026spn=746\u0026fp=361"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://ww38.mous.xyz\r\ncontent-type: application/json\r\ndate: Sun, 21 Dec 2025 21:02:07 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/amznanos30/","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-21T21:02:05.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww38.mous.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 06:55:00 GMT","end":"Thu, 19 Mar 2026 06:54:59 GMT"},"fingerprint":{"sha1":"5F:EB:58:CE:27:E9:E4:8B:5D:DA:84:22:E8:55:EA:F5:E6:85:EC:AD","sha256":"CC:6B:EE:2E:32:1A:EC:6F:32:CD:9A:99:78:77:B9:13:0C:7A:74:04:4F:B0:21:E4:E6:84:D4:BE:73:56:A2:25"}}},"request":{"raw":"GET /amznanos30/ HTTP/1.1\r\nHost: ww38.mous.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\naccept-ch-lifetime: 30\r\nalt-svc: h3=\":8443\"; ma=2592000\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy, 0.0 Caddy\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_KvM7Bu9QTu4pOQK3yPxM5YesAZXgjtoCtISOvncruGS1eahi+mBKqfTcha9Fs0yMkFo3KkMmutBI5ZxmBvbXEA==\r\nx-buckets: bucket011,bucket077\r\nx-domain: mous.xyz\r\nx-language: norwegian\r\nx-pcrew-blocked-reason: \r\nx-pcrew-ip-organization: Blix Solutions\r\nx-subdomain: ww38\r\nx-template: tpl_CleanPeppermintBlack_twoclick\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18430,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9349)","md5":"ec12d373ae529a673f67eed6955fe7e6","sha1":"d9947599e65b640d9b66ea60a786a9b4cdda38f2","sha256":"fd64a589b349bbc25ce20dd1bad591e3f9541a67ed7ca5a41a2524fcf7cd9d6e","sha512":"5f3b65f6ec1fad2c93be0f7b2289e7aecf52dcc3402936041c472dd858573379f7948c871ff401c5c241ff4b8c014d97c1984c5c6e3131bb82244c90d60d668e","ssdeep":"384:Ti9YoHMfOKLjWpTj0KEM9A2V/HeDVcqTEZ9eKD5qb9TkjzjXpim/Y6:TibMfRiTYa9B/HSVcqTEZ9eKD5SJknjd","tlshash":"bf8229a21dd324272ddb501ecbb7e209f46de117891ad875b49d83602f84a4c8532bfc","first_seen":"2025-12-21T21:02:30.534685Z","last_seen":"2025-12-21T21:02:30.534685Z","times_seen":1,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":120,"dns":0,"connect":32,"send":0,"wait":62,"receive":0,"ssl":86},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/munin/a/tr/browserjs?domain=mous.xyz\u0026toggle=browserjs\u0026uid=MTc2NjM1MDkyNS45OTc0OjgzZjMwNDc4Y2Q2MDRmMWUwNGRlMWRhZjk2M2ZjNjk4YWM0M2YxMTQwZDA2NjIxYjg0M2IwNWYzODM1MmFlMWE6Njk0ODYwNGRmMzgzMw%3D%3D","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww38.mous.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 06:55:00 GMT","end":"Thu, 19 Mar 2026 06:54:59 GMT"},"fingerprint":{"sha1":"5F:EB:58:CE:27:E9:E4:8B:5D:DA:84:22:E8:55:EA:F5:E6:85:EC:AD","sha256":"CC:6B:EE:2E:32:1A:EC:6F:32:CD:9A:99:78:77:B9:13:0C:7A:74:04:4F:B0:21:E4:E6:84:D4:BE:73:56:A2:25"}}},"request":{"raw":"GET /munin/a/tr/browserjs?domain=mous.xyz\u0026toggle=browserjs\u0026uid=MTc2NjM1MDkyNS45OTc0OjgzZjMwNDc4Y2Q2MDRmMWUwNGRlMWRhZjk2M2ZjNjk4YWM0M2YxMTQwZDA2NjIxYjg0M2IwNWYzODM1MmFlMWE6Njk0ODYwNGRmMzgzMw%3D%3D HTTP/1.1\r\nHost: ww38.mous.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/amznanos30/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\naccept-ch-lifetime: 30\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":8443\"; ma=2592000\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nvia: 1.1 Caddy, 0.0 Caddy\r\nx-custom-track: browserjs\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126ce8c430ea4e889b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d8b8bdb072e6918fd2d2305d33a8966950c315427c657550e35565ac7eb6d1d77be26bb25cb43e29232f54c69a8132c7b19c452e944ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf423ee499b6f564eb63ed1fcc64a61d2a2ca6d537783b7a58856499eb40b25163a7dbae234e7e3cd6943232c9d51d0c2056770208f5dd78347554f1f34f7fd8afa47bc5e45f714e2baca1f1c29c24bb8e8848f744c20d2c68ceef9bb6fe288299a03785391c89bd8d6c5b1ce87e28ef931c7ab387be37914eb60cadd54588119a9120873b35898b3bca31c5c0e2f293fda14c7bb570e8a9f0285134bcd37f82e750b957387ec54148d7c2db988fbc9233887286d0f5987fea7b6b2483686bccd4d10067d1e233f341c4955cb070a176000416ca3bb00ed7cbec30fa893bcb1aec83d9c9648b5e0423bd521747754c7dd1a76eb8058c8c8b64ebde60feb122d185e5e85689f0bf1f293ec6a95a44fab9025d0ee2c7e474ae2887f840fda272a076cb309553d414cba93cc7182ff8af92663c3f7c022a0b5f11b6e29071d300bf59534021ffa852dc9e1c10e3bfdebba071c5ece0e09bfeaff026532eaf02dfe24b6491427b1ad0655b7269f672ad7007c2be9d3ece3fd25dfda9578cc27fc5021d3d3241394ac8d2eec93d65549d1e4396d6d9b2b2cc4d0496cce208c793112ea5b7774b1ef9e9cb4a33f362dc0b8d10f13e8513dcce15fbbf32eb998eccc54605ec9e7c228407d2c4e3d05c9b08260a17d6281542bbc83293fe568ec089c254d195d3624a663be16efa41f30aece33cc16b1c7f53307f63f30edbc3215fb86fc0a7f529cb8f10dd6679ae0d6e6cc2bd931850ef71f58e10c615715d08ae312c9ebd882b98062c90850fb3809eacd500c857482317fa6b370ddfc34e4eb03de7fec12a8fcffe570b29b0602114169e5442ec9cee1b11947e6391d3de07dbdee48a057ea622e2441316be127c2c8e895a1699dcb587bef146ac\u0026cri=SgddTnQs0o\u0026ts=177\u0026cb=1766350926588","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126ce8c430ea4e889b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d8b8bdb072e6918fd2d2305d33a8966950c315427c657550e35565ac7eb6d1d77be26bb25cb43e29232f54c69a8132c7b19c452e944ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf423ee499b6f564eb63ed1fcc64a61d2a2ca6d537783b7a58856499eb40b25163a7dbae234e7e3cd6943232c9d51d0c2056770208f5dd78347554f1f34f7fd8afa47bc5e45f714e2baca1f1c29c24bb8e8848f744c20d2c68ceef9bb6fe288299a03785391c89bd8d6c5b1ce87e28ef931c7ab387be37914eb60cadd54588119a9120873b35898b3bca31c5c0e2f293fda14c7bb570e8a9f0285134bcd37f82e750b957387ec54148d7c2db988fbc9233887286d0f5987fea7b6b2483686bccd4d10067d1e233f341c4955cb070a176000416ca3bb00ed7cbec30fa893bcb1aec83d9c9648b5e0423bd521747754c7dd1a76eb8058c8c8b64ebde60feb122d185e5e85689f0bf1f293ec6a95a44fab9025d0ee2c7e474ae2887f840fda272a076cb309553d414cba93cc7182ff8af92663c3f7c022a0b5f11b6e29071d300bf59534021ffa852dc9e1c10e3bfdebba071c5ece0e09bfeaff026532eaf02dfe24b6491427b1ad0655b7269f672ad7007c2be9d3ece3fd25dfda9578cc27fc5021d3d3241394ac8d2eec93d65549d1e4396d6d9b2b2cc4d0496cce208c793112ea5b7774b1ef9e9cb4a33f362dc0b8d10f13e8513dcce15fbbf32eb998eccc54605ec9e7c228407d2c4e3d05c9b08260a17d6281542bbc83293fe568ec089c254d195d3624a663be16efa41f30aece33cc16b1c7f53307f63f30edbc3215fb86fc0a7f529cb8f10dd6679ae0d6e6cc2bd931850ef71f58e10c615715d08ae312c9ebd882b98062c90850fb3809eacd500c857482317fa6b370ddfc34e4eb03de7fec12a8fcffe570b29b0602114169e5442ec9cee1b11947e6391d3de07dbdee48a057ea622e2441316be127c2c8e895a1699dcb587bef146ac\u0026cri=SgddTnQs0o\u0026ts=177\u0026cb=1766350926588 HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nCookie: cg_uuid=498b02f33ed1d1f4b81a4e5ea0b51e6b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-length: 43\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"db04c7b378cb2db912c3ba8a5a774ee3","sha1":"dee34bd86c3484d31002182aa2b7caa4699126b8","sha256":"98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a","sha512":"826225fc21717d8861a05b9d2f959539aad2d2b131b2afed75d88fbca535e1b0d5a0da8ac69713a0876a0d467848a37a0a7f926aeafad8cf28201382d16466ab","ssdeep":"","tlshash":"6490000bca888002caa2c0302b8883022b88b0320228832e80bc30a8ee3b3a20c02000","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-03T22:31:06.785063Z","times_seen":355063,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/munin/a/tr/answercheck/yes?domain=mous.xyz\u0026caf=1\u0026toggle=answercheck\u0026answer=yes\u0026uid=MTc2NjM1MDkyNS45OTc0OjgzZjMwNDc4Y2Q2MDRmMWUwNGRlMWRhZjk2M2ZjNjk4YWM0M2YxMTQwZDA2NjIxYjg0M2IwNWYzODM1MmFlMWE6Njk0ODYwNGRmMzgzMw%3D%3D","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww38.mous.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 06:55:00 GMT","end":"Thu, 19 Mar 2026 06:54:59 GMT"},"fingerprint":{"sha1":"5F:EB:58:CE:27:E9:E4:8B:5D:DA:84:22:E8:55:EA:F5:E6:85:EC:AD","sha256":"CC:6B:EE:2E:32:1A:EC:6F:32:CD:9A:99:78:77:B9:13:0C:7A:74:04:4F:B0:21:E4:E6:84:D4:BE:73:56:A2:25"}}},"request":{"raw":"GET /munin/a/tr/answercheck/yes?domain=mous.xyz\u0026caf=1\u0026toggle=answercheck\u0026answer=yes\u0026uid=MTc2NjM1MDkyNS45OTc0OjgzZjMwNDc4Y2Q2MDRmMWUwNGRlMWRhZjk2M2ZjNjk4YWM0M2YxMTQwZDA2NjIxYjg0M2IwNWYzODM1MmFlMWE6Njk0ODYwNGRmMzgzMw%3D%3D HTTP/1.1\r\nHost: ww38.mous.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/amznanos30/\r\nCookie: _cq_duid=1.1766350926.0elmto5HF2KqJBlI; _cq_suid=1.1766350926.18LoEalReMUUGG0H\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\naccept-ch-lifetime: 30\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":8443\"; ma=2592000\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nvia: 1.1 Caddy, 0.0 Caddy\r\nx-custom-track: answercheck\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=7/gR8W1BTZ6z7tdUFVg5mw==\u0026sde=1","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:52 GMT","end":"Wed, 25 Feb 2026 15:59:51 GMT"},"fingerprint":{"sha1":"E4:25:76:F6:C4:FB:46:FE:7A:37:E5:D8:E5:14:75:A2:B3:75:D2:9B","sha256":"34:44:B0:C8:96:F4:D4:42:DB:58:BD:4B:C9:72:0A:E2:31:20:B1:87:B3:2A:DD:E7:6B:62:AA:AB:58:B6:92:89"}}},"request":{"raw":"GET /getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=7/gR8W1BTZ6z7tdUFVg5mw==\u0026sde=1 HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ww38.mous.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nserver: cafe\r\ncontent-length: 8222\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10885,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"ea19f71183015035a87c07987f5f8284","sha1":"c3629a12342bbb5d5c65ceb9c6f1387f2ecc46ae","sha256":"bfa8d99729bfa1b043d5dbebe390beaf7a75d8ec8f0483288d373d1389ac7654","sha512":"721c8bbe22972d451c7ad7ff45c95cca178844b1afe53f1d55f12d63fc9304969d15edf1b3a7d96b1c5d578b9461268edb9bd08ec8d69b6cb2534c15bb0c0580","ssdeep":"192:ESYL36VXQ3Ch2yT2Pa862LB2toCpchFdc5YfSOvhNAoUtX1OfiQgvz:Er6VJ2yUnVdKJaylUcz","tlshash":"0e22cf3d8f7109ffa62f52c1a24d615444579db744388da469b3fdab7c42d48d0f8e80","first_seen":"2025-12-21T21:02:30.537164Z","last_seen":"2025-12-21T21:02:30.537164Z","times_seen":1,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":49,"dns":3,"connect":8,"send":0,"wait":26,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=b0qxyamql45o\u0026cd_fexp=72717108\u0026aqid=TmBIacfZIMGkjuwP88Oh2AI\u0026psid=5837883959\u0026pbt=bs\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=2%7C0%7C265%7C38%7C60\u0026lle=0\u0026ifv=1\u0026hpt=1","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:08.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:55 GMT","end":"Wed, 25 Feb 2026 15:59:54 GMT"},"fingerprint":{"sha1":"E1:2F:78:B9:70:56:82:55:8F:41:90:B0:9A:C0:C3:0F:E6:89:5E:9A","sha256":"65:E4:E5:2E:71:67:66:D0:0B:50:31:80:5A:C3:63:4C:C6:F8:8D:BF:5C:0C:3A:82:A6:17:4B:BB:C8:ED:DA:8D"}}},"request":{"raw":"GET /afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=b0qxyamql45o\u0026cd_fexp=72717108\u0026aqid=TmBIacfZIMGkjuwP88Oh2AI\u0026psid=5837883959\u0026pbt=bs\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=2%7C0%7C265%7C38%7C60\u0026lle=0\u0026ifv=1\u0026hpt=1 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-P1utT2Nil9JEnLbLON4kyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Sun, 21 Dec 2025 21:02:08 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.youstarsbuilding.com/mon","fqdn":"obseu.youstarsbuilding.com","domain":"youstarsbuilding.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:11.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.youstarsbuilding.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Wed, 03 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1D:E0:7A:77:9E:39:3D:B5:85:C1:3D:30:3E:E7:35:C5:FE:D1:7E:38","sha256":"3D:73:19:D6:DC:8A:75:98:72:2D:32:C1:65:DF:5C:3A:0D:71:99:BA:F5:6D:C8:11:D9:E4:02:85:DC:8D:75:25"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.youstarsbuilding.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1752\r\nOrigin: https://ww38.mous.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nCookie: cg_uuid=498b02f33ed1d1f4b81a4e5ea0b51e6b\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1752,"data":"e=37dfbd8ee84e00126ce8c430ea4e889b9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d8b8bdb072e6918fd2d2305d33a8966950c315427c657550e35565ac7eb6d1d77be26bb25cb43e29232f54c69a8132c7b19c452e944ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf423ee499b6f564eb63ed1fcc64a61d2a2ca6d537783b7a58856499eb40b25163a7dbae234e7e3cd6943232c9d51d0c2056770208f5dd78347554f1f34f7fd8afa47bc5e45f714e2baca1f1c29c24bb8e8848f744c20d2c68ceef9bb6fe288299a03785391c89bd8d6c5b1ce87e28ef931c7ab387be37914eb60cadd54588119a9120873b35898b3bca31c5c0e2f293fda14c7bb570e8a9f0285134bcd37f82e750b957387ec54148d7c2db988fbc9233887286d0f5987fea7b6b2483686bccd4d10067d1e233f341c4955cb070a176000416ca3bb00ed7cbec30fa893bcb1aec83d9c9648b5e0423bd521747754c7dd1a76eb8058c8c8b64ebde60feb122d185e5e85689f0bf1f293ec6a95a44fab9025d0ee2c7e474ae2887f840fda272a076cb309553d414cba93cc7182ff8af92663c3f7c022a0b5f11b6e29071d300bf59534021ffa852dc9e1c10e3bfdebba071c5ece0e09bfeaff026532eaf02dfe24b6491427b1ad0655b7269f672ad7007c2be9d3ece3fd25dfda9578cc27fc5021d3d3241394ac8d2eec93d65549d1e4396d6d9b2b2cc4d0496cce208c793112ea5b7774b1ef9e9cb4a33f362dc0b8d10f13e8513dcce15fbbf32eb998eccc54605ec9e7c228407d2c4e3d05c9b08260a17d6281542bbc83293fe568ec089c254d195d3624a663be16efa41f30aece33cc16b1c7f53307f63f30edbc3215fb86fc0a7f529cb8f10dd6679ae0d6e6cc2bd931850ef71f58e10c615715d08ae312c9ebd882b98062c90850fb3809eacd500c857482317fa6b370ddfc34e4eb03de7fec12a8fcffe570b29b0602114169e5442ec9cee1b11947e6391d3de07dbdee48a057ef7\u0026cri=SgddTnQs0o\u0026sf=0\u0026dc=\u0026cp=5\u0026gtm=-\u0026gac=-\u0026uvid=f2c4d9e5c726b28400aef3e05ae101ee7cb38470\u0026tb=1\u0026ich=0\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=5003\u0026mo=0\u0026pn=5750\u0026spn=746\u0026fp=361\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://ww38.mous.xyz\r\ncontent-type: application/json\r\ndate: Sun, 21 Dec 2025 21:02:11 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.GA2EsNS7wES4Q8ZOCO1Aremf8YEFXPO1qJYgW8JirItCIJ_7AEHjiw._kPmCpYqrZQfFXC-A_px3Q.1HLqupuq1K1CqTSvrEpqyxSI-SqPlzspqiRwBck8totAmgktaUL4aiicCvyVMOao_-A4fIsJJnNaD2A1MpdYEp_aAyVQ0SdrDNRgqv26jnYxBo-hVlug-vvS3vKvtikqIF-FzUhvk1-Fy24HHM2UhVZGTVEzKyIpgW5xi-S7OG2lSxawARcNgjGC1kkBpY6u.mqNvVu-lK5MeRbmbIqlgVA\u0026t=6948604e\u0026token=f2c4d9e5c726b28400aef3e05ae101ee7cb38470","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww38.mous.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 06:55:00 GMT","end":"Thu, 19 Mar 2026 06:54:59 GMT"},"fingerprint":{"sha1":"5F:EB:58:CE:27:E9:E4:8B:5D:DA:84:22:E8:55:EA:F5:E6:85:EC:AD","sha256":"CC:6B:EE:2E:32:1A:EC:6F:32:CD:9A:99:78:77:B9:13:0C:7A:74:04:4F:B0:21:E4:E6:84:D4:BE:73:56:A2:25"}}},"request":{"raw":"GET /chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.GA2EsNS7wES4Q8ZOCO1Aremf8YEFXPO1qJYgW8JirItCIJ_7AEHjiw._kPmCpYqrZQfFXC-A_px3Q.1HLqupuq1K1CqTSvrEpqyxSI-SqPlzspqiRwBck8totAmgktaUL4aiicCvyVMOao_-A4fIsJJnNaD2A1MpdYEp_aAyVQ0SdrDNRgqv26jnYxBo-hVlug-vvS3vKvtikqIF-FzUhvk1-Fy24HHM2UhVZGTVEzKyIpgW5xi-S7OG2lSxawARcNgjGC1kkBpY6u.mqNvVu-lK5MeRbmbIqlgVA\u0026t=6948604e\u0026token=f2c4d9e5c726b28400aef3e05ae101ee7cb38470 HTTP/1.1\r\nHost: ww38.mous.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ww38.mous.xyz/amznanos30/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nalt-svc: h3=\":8443\"; ma=2592000\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nserver: Caddy\r\nvia: 1.1 Caddy\r\nx-log-success: 6948604e0027dfad65b8faac\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww38.mous.xyz/favicon.ico","fqdn":"ww38.mous.xyz","domain":"mous.xyz","tld":"xyz"},"ip":{"addr":"185.53.179.200","port":443,"asn":61969,"as":"Team Internet AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww38.mous.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 06:55:00 GMT","end":"Thu, 19 Mar 2026 06:54:59 GMT"},"fingerprint":{"sha1":"5F:EB:58:CE:27:E9:E4:8B:5D:DA:84:22:E8:55:EA:F5:E6:85:EC:AD","sha256":"CC:6B:EE:2E:32:1A:EC:6F:32:CD:9A:99:78:77:B9:13:0C:7A:74:04:4F:B0:21:E4:E6:84:D4:BE:73:56:A2:25"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ww38.mous.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/amznanos30/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nalt-svc: h3=\":8443\"; ma=2592000\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\netag: \"dce8vhp7bqsy0\"\r\nlast-modified: Thu, 28 Aug 2025 17:42:07 GMT\r\nserver: Caddy\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ww38.mous.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png","fqdn":"d38psrni17bvxu.cloudfront.net","domain":"d38psrni17bvxu.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"18.239.102.108","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1\r\nHost: d38psrni17bvxu.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 11375\r\nserver: nginx\r\naccept-ranges: bytes\r\nlast-modified: Thu, 28 Aug 2025 17:42:07 GMT\r\ndate: Sun, 21 Dec 2025 17:44:56 GMT\r\netag: \"dce8vhowlwqm8rz\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 eda2686dad6c190a4b0f18db47e39f0a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: AMS1-P3\r\nx-amz-cf-id: 940PISBiA7VbQXWutnpXQTMa6j6B8ZCrFrCGplpzY9EqWd9mpDY4iA==\r\nage: 11830\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":11375,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 600, 8-bit colormap, non-interlaced","md5":"0cb2e5165dc9324eb462199f04e1ffa9","sha1":"9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8","sha256":"67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865","sha512":"7a285c4a87b9f9093b7ba720d8fe08e0ad7e2ebde9ef8c8d11b70afa08245af8f8a7281c7b3fbe8bad21c3afde4f32634d3bd416822892aa47ba82c12f4b8191","ssdeep":"192:Wg3JLNIdFb540f7mqTiLHrBjcCTN1MbaJD/RBse6ogkORdLv2Ha/:vD4N54IsHVjdN1tD7lODL/","tlshash":"94329f86e207c9addc119cb16bd8e9384c673cc3c66925b748987669e4bb80475f049f","first_seen":"2023-04-05T14:20:44Z","last_seen":"2026-04-02T01:33:43.563834Z","times_seen":205145,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":44,"dns":2,"connect":20,"send":0,"wait":23,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=7%2FgR8W1BTZ6z7tdUFVg5mw%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011%2Cbucket077\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww38.mous.xyz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.d1rdkcCeoY4meTYqwYzO_3p8nNKSkKYHlmNJNc9KJU-jdpJmONBjrg.SD6kDIKQtOdOtdfUiOWOXA.UaFAOM9herv75MDv6-5_g4LlvJYvJ1PKSBX2oW8xVn-0mHUoB7WaB0sbZO0N7cJ1b8SkgVYl80CTTC6ZDlsAQXWZ-GfRFAqvrJ-L3VcFZyWcPYlisuBh59Zooq3KMZfRQmVckYryGNYpTK4JNDvI0-PAm44-Wn0gnq45bKYZm60v2ei1j_P7a88wyaWOrt6lsY8fTwQfapRF9oT20B_dRSOjW2q5PkNNUxleU4lqwgrrc9hVaPrHsqVdPoBsJbB2QksDjqKcBUb3TKjJ08dpWLSRxKbXhHR2kZWSZE6wnMNIzpffVcIsemWXGFPQ3dOo1HcwoKFplXEGaW9RL1JX-qZ5xlHR6BtnCH24s8J12rseyZ4tIHIog8AZievjA_kWI0fL3bieXHKZ0xAjRBpZEd4He4GBtBvHgz7zonZweis2TklC_LuxGDF-S_3oognKEi-fCedHdYhNBSLwETd5xiVn_VVTEicSQCCcnj8zGkP1I-y95Kz8TrkNusMBSD_SwvV-DQHJTVhnzDafU759t8nBxDnfZ_t48jQMSaaNQG4cnmkjDL1pwHCfJ9wDLfc8krgSCrAo2lynY0Xiqoxf1DnGSYdw1xFSDKULL2GkPsomHNmlwDp5KME4bxad_zO-.9Q2i8MbLZ3lvm8R_lvRWpQ\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=5031766350926416\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.mous.xyz\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1766350926417\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:06.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:55 GMT","end":"Wed, 25 Feb 2026 15:59:54 GMT"},"fingerprint":{"sha1":"E1:2F:78:B9:70:56:82:55:8F:41:90:B0:9A:C0:C3:0F:E6:89:5E:9A","sha256":"65:E4:E5:2E:71:67:66:D0:0B:50:31:80:5A:C3:63:4C:C6:F8:8D:BF:5C:0C:3A:82:A6:17:4B:BB:C8:ED:DA:8D"}}},"request":{"raw":"GET /afs/ads?sjk=7%2FgR8W1BTZ6z7tdUFVg5mw%3D%3D\u0026adtest=off\u0026psid=5837883959\u0026pcsa=false\u0026channel=000001%2Cbucket011%2Cbucket077\u0026client=dp-teaminternet09_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww38.mous.xyz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.d1rdkcCeoY4meTYqwYzO_3p8nNKSkKYHlmNJNc9KJU-jdpJmONBjrg.SD6kDIKQtOdOtdfUiOWOXA.UaFAOM9herv75MDv6-5_g4LlvJYvJ1PKSBX2oW8xVn-0mHUoB7WaB0sbZO0N7cJ1b8SkgVYl80CTTC6ZDlsAQXWZ-GfRFAqvrJ-L3VcFZyWcPYlisuBh59Zooq3KMZfRQmVckYryGNYpTK4JNDvI0-PAm44-Wn0gnq45bKYZm60v2ei1j_P7a88wyaWOrt6lsY8fTwQfapRF9oT20B_dRSOjW2q5PkNNUxleU4lqwgrrc9hVaPrHsqVdPoBsJbB2QksDjqKcBUb3TKjJ08dpWLSRxKbXhHR2kZWSZE6wnMNIzpffVcIsemWXGFPQ3dOo1HcwoKFplXEGaW9RL1JX-qZ5xlHR6BtnCH24s8J12rseyZ4tIHIog8AZievjA_kWI0fL3bieXHKZ0xAjRBpZEd4He4GBtBvHgz7zonZweis2TklC_LuxGDF-S_3oognKEi-fCedHdYhNBSLwETd5xiVn_VVTEicSQCCcnj8zGkP1I-y95Kz8TrkNusMBSD_SwvV-DQHJTVhnzDafU759t8nBxDnfZ_t48jQMSaaNQG4cnmkjDL1pwHCfJ9wDLfc8krgSCrAo2lynY0Xiqoxf1DnGSYdw1xFSDKULL2GkPsomHNmlwDp5KME4bxad_zO-.9Q2i8MbLZ3lvm8R_lvRWpQ\u0026type=3\u0026swp=as-drid-2986208149972408\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=5031766350926416\u0026num=0\u0026output=afd_ads\u0026domain_name=ww38.mous.xyz\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1766350926417\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=813\u0026frm=0\u0026uio=--\u0026cont=tc\u0026drt=0\u0026jsid=caf\u0026jsv=842209568\u0026rurl=https%3A%2F%2Fww38.mous.xyz%2Famznanos30%2F HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Sun, 21 Dec 2025 21:02:06 GMT\r\nexpires: Sun, 21 Dec 2025 21:02:06 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce--W3aDLfHfkwxwj9IYJzQaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 3727\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":16451,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (15664)","md5":"0bc878fbc639ab875e5e2f5bbc5fe412","sha1":"7871509ddb89634b9050fa0ab45e9cc77c3f409f","sha256":"006e1e3718908033972d30858efd56242c0249bbc134b7b8535bdab3c9d242fc","sha512":"a169a3e25f80a3fee7f7641f06963efb05a8c6bf5ba53dc6889582ad289f3b8784f35be9191beffdf7c1090d5401f20000a2e16d54646fa60df8c1c63d5e5bac","ssdeep":"192:GE12iMpgb4LghA+4Wr6ea8/8Xea8/Sea8/LI6FWvoko:Gni02AJjjpjXjO7FWwko","tlshash":"9272823761a6672915039c541b6a6f6dd181c43ac86b35e508f35b31c7ebf828bf228e","first_seen":"2025-12-21T21:02:30.539033Z","last_seen":"2025-12-21T21:02:30.539033Z","times_seen":1,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":48,"dns":2,"connect":8,"send":0,"wait":173,"receive":1,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=70n8o94mdk5p\u0026cd_fexp=72717108\u0026aqid=TmBIacfZIMGkjuwP88Oh2AI\u0026psid=5837883959\u0026pbt=bv\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=2%7C0%7C265%7C38%7C60\u0026lle=0\u0026ifv=1\u0026hpt=1","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.206","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww38.mous.xyz/amznanos30/","date":"2025-12-21T21:02:08.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:55 GMT","end":"Wed, 25 Feb 2026 15:59:54 GMT"},"fingerprint":{"sha1":"E1:2F:78:B9:70:56:82:55:8F:41:90:B0:9A:C0:C3:0F:E6:89:5E:9A","sha256":"65:E4:E5:2E:71:67:66:D0:0B:50:31:80:5A:C3:63:4C:C6:F8:8D:BF:5C:0C:3A:82:A6:17:4B:BB:C8:ED:DA:8D"}}},"request":{"raw":"GET /afs/gen_204?client=dp-teaminternet09_3ph\u0026output=uds_ads_only\u0026zx=70n8o94mdk5p\u0026cd_fexp=72717108\u0026aqid=TmBIacfZIMGkjuwP88Oh2AI\u0026psid=5837883959\u0026pbt=bv\u0026adbx=375\u0026adby=185\u0026adbh=507\u0026adbw=530\u0026adbah=160%2C160%2C160\u0026adbn=master-1\u0026eawp=partner-dp-teaminternet09_3ph\u0026errv=842209568\u0026csala=2%7C0%7C265%7C38%7C60\u0026lle=0\u0026ifv=1\u0026hpt=1 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww38.mous.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-LlVfXP_ybAK7XgRxEtblrQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Sun, 21 Dec 2025 21:02:08 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}