Report - case-234157414135001.com/

Report Overview

Submitted URL
case-234157414135001.com/
IP
103.224.212.221
ASN
#133618 Trellian Pty. Limited
Submitted
2023-06-01 23:57:44
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2023-05-29	3.8 kB	115 kB	142.250.74.132
c.parkingcrew.net	70582	2011-01-24	2017-01-29	2023-06-01	346 B	1.0 kB	185.53.178.30
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22	2023-06-02	411 B	12 kB	54.230.245.22
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-01	1.7 kB	3.5 kB	142.250.74.131
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2023-06-01	969 B	2.1 kB	142.250.74.97
case-234157414135001.com	unknown	2023-05-26	2023-04-11	2023-05-28	481 B	296 B	103.224.212.221
ww38.case-234157414135001.com	unknown	2023-05-26	2023-05-28	2023-05-29	2.3 kB	8.7 kB	13.248.148.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	www.google.com/adsense/domains/caf.js?abp=1	148 kB	2023-06-02	2023-06-07
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 01:57:49 Last Seen2023-06-07 09:42:37 Times Seen29 Hash 4a9c4808fbdd6fb10c9e4d0a0a8e97a8 87275bf726b8d073096ecb36fe38f06b854d0093 3d0ca4398986dd4e2147406e595995ce8409947d61ce9530a068b406b90fcdc4 Loading...

	c.parkingcrew.net/scripts/sale_form.js	761 B	2023-03-07	2024-04-18
Pretty URL c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2024-04-18 15:57:39 Times Seen10830 Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 Loading...

	ww38.case-234157414135001.com/	968 B	2023-03-08	2024-04-18
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24:08 Last Seen2024-04-18 15:57:39 Times Seen27676 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-06-01	2023-06-06
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 07:30:36 Last Seen2023-06-06 09:41:05 Times Seen15 Hash f642ac80e5930f4802da2180e8394ad2 3241680f1b643a3172715a88847899bbfb4efcbd 4f6dc5354e800f0c3857f469e3611a22db9490b29ed546e05b86231c9377c65f Loading...

	ww38.case-234157414135001.com/	748 B	2023-06-02	2023-06-02
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 01:57:49 Last Seen2023-06-02 01:57:49 Times Seen1 Hash 93702b46c95cc783f39470e8ed731aa3 69713ca197d51c2b7522d7efe0032a53edc992e0 96474ec2ffad2f46b922c26394a012910c6886680d8c9ac340c2c0f94c746d67 Loading...

	ww38.case-234157414135001.com/	246 B	2023-06-02	2023-06-02
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 01:57:49 Last Seen2023-06-02 01:57:49 Times Seen1 Hash 994adbed07e24c5c6489ad86f2e684ec 1f8c2a934db2a88697102a4a6b65e7f1eb13d816 be2f49db03e68f3f562952946521e8fa4be7f920552006a469feff08e7564715 Loading...

	ww38.case-234157414135001.com/	7.0 kB	2023-03-13	2024-01-03
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:10:31 Last Seen2024-01-03 14:22:39 Times Seen25920 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	ww38.case-234157414135001.com/	1.3 kB	2023-06-02	2023-06-02
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 01:57:49 Last Seen2023-06-02 01:57:49 Times Seen1 Hash 2185e33e94d000400336d32a949d55a8 c12c2753be17f1223db00ebdab416d102c5da70e d3957e7a65cf4c50999b35fbfe6ecb3a0b8bef2adb9660995f970501346b6e81 Loading...

	ww38.case-234157414135001.com/	20 B	2023-03-12	2024-01-03
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 13:00:05 Last Seen2024-01-03 14:22:39 Times Seen13851 Hash bb9472ed191ad69435d630c50e139a17 4efa10c70dbfe37ec4c8bb5a04b907c549de7e3d eec645c8d410f4d6accc5c4c3326bbff80fdd9d105e423ad50c5c87b22845492 Loading...

	ww38.case-234157414135001.com/	65 B	2023-03-12	2023-12-29
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 13:47:57 Last Seen2023-12-29 06:29:43 Times Seen1543 Hash 827e0a6712d06cf6eb698a260a6fdf7a 0180e00c11b6d8fded4f2bee61edf6c72a701b41 3cfc7cb796be38ff6344ae0dc172de1941f5353b82807d7e49fae81ec2bd106d Loading...

	ww38.case-234157414135001.com/	472 B	2023-03-13	2024-01-03
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:13:46 Last Seen2024-01-03 14:22:39 Times Seen25251 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	ww38.case-234157414135001.com/	669 B	2023-06-02	2023-06-02
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 01:57:49 Last Seen2023-06-02 01:57:49 Times Seen1 Hash be60331fcd46f6b059e3bb6f90047e9d ebff6428343395246fd12433321c6787a2f2e9c3 964b8bd37f1e84fd36a864063083885b8e68a50a23cd1198e4f322eb1425e046 Loading...

	ww38.case-234157414135001.com/	40 B	2023-04-18	2023-06-27
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 09:10:37 Last Seen2023-06-27 14:44:07 Times Seen10821 Hash bcdb5f35f5da29644017c63a72a72921 5bd1c81154b546c01c88b02fdb29b687f0c9cef3 a71d2bc0274b66fc2cb2c8daf1bf8b8a6a4cbfd5bd1e30574e9abb61aa9c3983 Loading...

	www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530	7.2 kB	2023-06-02	2023-06-02
Pretty URL www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 01:57:49 Last Seen2023-06-02 01:57:49 Times Seen1 Hash 6a3a889e1fb39503033a83bc7dfe90f1 1855e5272e8c6db504e100b705addd46712591c9 7befe3970ef2b58e96691251f51663e385004fa3bb61b984543b24e154967cfe Loading...

	ww38.case-234157414135001.com/	71 B	2023-03-08	2024-01-04
Pretty URL ww38.case-234157414135001.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

HTTP Transactions (20)

	URL	IP	Response	Size
	case-234157414135001.com/	103.224.212.221	302 Found	0 B
URL User Request GET HTTP/1.1 case-234157414135001.com/ IP 103.224.212.221:443 ASN #133618 Trellian Pty. Limited Certificate IssuerLet's Encrypt Subjectdigitalcincozero.com Fingerprint24:AE:FF:B5:1F:3B:60:CD:7A:D0:16:C8:3E:D2:2E:7F:3F:D1:94:0D ValiditySat, 27 May 2023 00:55:13 GMT - Fri, 25 Aug 2023 00:55:12 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: case-234157414135001.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found date: Thu, 01 Jun 2023 23:57:27 GMT server: Apache set-cookie: __tad=1685663847.2100070; expires=Sun, 29-May-2033 23:57:27 GMT; Max-Age=315360000 location: http://ww38.case-234157414135001.com/ content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	ww38.case-234157414135001.com/	13.248.148.254	200 OK	6.0 kB
URL User Request GET HTTP/1.1 ww38.case-234157414135001.com/ IP 13.248.148.254:80 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1354) Size 6.0 kB (5971 bytes) Hash 07d35b8d4e3b37f3f5c390262ad169a5 e8ce04886668fb271f2f3eac787606d49b0b2b89 7d5d19eae3995e07aa7c992f0f3a42cc84b14e27b52c55c6fe61f66d4eeb1231 HTTP Headers `GET / HTTP/1.1 Host: ww38.case-234157414135001.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Thu, 01 Jun 2023 23:57:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket003 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ICThWFYy1cwjq7lzb90TlO9gNE1MxiBM5HDJGBf+WoFuDXWXDFXwsHmW8cGxKGoMPn6TJzjw76yV0kiRqFDeyA== X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Domain: case-234157414135001.com X-Subdomain: ww38 Content-Encoding: gzip

	www.google.com/adsense/domains/caf.js?abp=1	142.250.74.132	200 OK	54 kB
URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.132:80 ASN #15169 GOOGLE Requested by http://ww38.case-234157414135001.com/ File type ASCII text, with very long lines (2125) Size 54 kB (53994 bytes) Hash 4a9c4808fbdd6fb10c9e4d0a0a8e97a8 87275bf726b8d073096ecb36fe38f06b854d0093 3d0ca4398986dd4e2147406e595995ce8409947d61ce9530a068b406b90fcdc4 HTTP Headers `GET /adsense/domains/caf.js?abp=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Thu, 01 Jun 2023 23:57:28 GMT Expires: Thu, 01 Jun 2023 23:57:28 GMT Cache-Control: private, max-age=3600 ETag: "15412781986178383995" X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0

	c.parkingcrew.net/scripts/sale_form.js	185.53.178.30	200 OK	761 B
URL GET HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30:80 ASN #19905 NEUSTAR-AS6 Requested by http://ww38.case-234157414135001.com/ File type ASCII text Size 761 B (761 bytes) Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 HTTP Headers `GET /scripts/sale_form.js HTTP/1.1 Host: c.parkingcrew.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Thu, 01 Jun 2023 23:57:28 GMT Content-Type: application/javascript Content-Length: 761 Connection: keep-alive Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-2f9" Accept-Ranges: bytes`

	ww38.case-234157414135001.com/track.php?domain=case-234157414135001.com&toggle=browserjs&uid=MTY4NTY2Mzg0Ny43MjY3OmMwNmIxNDI3NDA4NjNiNzMwYTA3MjkzN2Q5OTViY2M3NTU5NGY4MzdkMzBkNDUwNDU0MjgwNjg4NDhiOTAyYjU6NjQ3OTMwNjdiMTZiMg%3D%3D	13.248.148.254	200 OK	20 B
URL GET HTTP/1.1 ww38.case-234157414135001.com/track.php?domain=case-234157414135001.com&toggle=browserjs&uid=MTY4NTY2Mzg0Ny43MjY3OmMwNmIxNDI3NDA4NjNiNzMwYTA3MjkzN2Q5OTViY2M3NTU5NGY4MzdkMzBkNDUwNDU0MjgwNjg4NDhiOTAyYjU6NjQ3OTMwNjdiMTZiMg%3D%3D IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.case-234157414135001.com/ File type gzip compressed data, max speed, from Unix\012- data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=case-234157414135001.com&toggle=browserjs&uid=MTY4NTY2Mzg0Ny43MjY3OmMwNmIxNDI3NDA4NjNiNzMwYTA3MjkzN2Q5OTViY2M3NTU5NGY4MzdkMzBkNDUwNDU0MjgwNjg4NDhiOTAyYjU6NjQ3OTMwNjdiMTZiMg%3D%3D HTTP/1.1 Host: ww38.case-234157414135001.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Thu, 01 Jun 2023 23:57:28 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	ww38.case-234157414135001.com/ls.php?t=64793067&token=58b234950700ccbe835e21094a8f3f2ef83493aa	13.248.148.254	201 Created	16 B
URL GET HTTP/1.1 ww38.case-234157414135001.com/ls.php?t=64793067&token=58b234950700ccbe835e21094a8f3f2ef83493aa IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.case-234157414135001.com/ File type JSON data\012- , ASCII text, with no line terminators Size 16 B (16 bytes) Hash 7363e85fe9edee6f053a4b319588c086 a15e2127145548437173fc17f3e980e3f3dee2d0 c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 HTTP Headers `GET /ls.php?t=64793067&token=58b234950700ccbe835e21094a8f3f2ef83493aa HTTP/1.1 Host: ww38.case-234157414135001.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 201 Created Date: Thu, 01 Jun 2023 23:57:28 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 64793068339ff731fc2c8b1d Charset: utf-8 Access-Control-Allow-Origin: Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Xi+3jRwFxj7OejAAovnmA1KCZYMCMnnp16KO8DoumfVlJ0LET6/BJl29dr7ZdoiTJoR1+wHkwqVxuAJZH9cI4g==

	d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png	54.230.245.22	200 OK	11 kB
URL GET HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 54.230.245.22:80 ASN #16509 AMAZON-02 Requested by http://ww38.case-234157414135001.com/ File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size 11 kB (11375 bytes) Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 HTTP Headers `GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Thu, 01 Jun 2023 01:25:02 GMT Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT Accept-Ranges: bytes ETag: "62b4441b-2c6f" X-Cache: Hit from cloudfront Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: LK9R5BhZsq_8rsSBnDMir-6hNPPPJDsH9iiZtX0CCnLhsj14p9VJTg== Age: 81146`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash e652bad2b09a182c5ecc3fbbe94a3216 c04ac4c3f7ff96d5e7d9830c49568eef3410f923 7cf7221b2d9a88eb9f7e15943c0bf9b9a65c7138763ebf472a56ee96ea6b9d50 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 23:57:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ww38.case-234157414135001.com/favicon.ico	13.248.148.254	200 OK	0 B
URL GET HTTP/1.1 ww38.case-234157414135001.com/favicon.ico IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.case-234157414135001.com/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ww38.case-234157414135001.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 01 Jun 2023 23:57:28 GMT Content-Type: image/x-icon Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes`

	www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530	142.250.74.132	200 OK	2.5 kB
URL GET HTTP/2 www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530 IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by http://ww38.case-234157414135001.com/ Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6381) Size 2.5 kB (2541 bytes) Hash a45072e4bca17733d4965274b52e0345 0a9e8b51b5312f02910d372f1cf423a19a7732ca 9db5b87a3e3d3f97270f94ca90979c4d7601d991e396e069f04abab7d095905d HTTP Headers GET /afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Thu, 01 Jun 2023 23:57:28 GMT expires: Thu, 01 Jun 2023 23:57:28 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-uiz-THP9HT2nIY9fZ81bBA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 2541 x-xss-protection: 0 set-cookie: CONSENT=PENDING+570; expires=Sat, 31-May-2025 23:57:28 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7e9d63d81a25205bd12ab8b258a264e6 2dfa41d339fd897120f53297f4e0f9fa20c117c1 768ca6e8ca2f678019baeaca289964229311ea185556db48650c297dbe996136 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 23:57:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ww38.case-234157414135001.com/track.php?domain=case-234157414135001.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTY2Mzg0Ny43MjY3OmMwNmIxNDI3NDA4NjNiNzMwYTA3MjkzN2Q5OTViY2M3NTU5NGY4MzdkMzBkNDUwNDU0MjgwNjg4NDhiOTAyYjU6NjQ3OTMwNjdiMTZiMg%3D%3D	13.248.148.254	200 OK	20 B
URL GET HTTP/1.1 ww38.case-234157414135001.com/track.php?domain=case-234157414135001.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTY2Mzg0Ny43MjY3OmMwNmIxNDI3NDA4NjNiNzMwYTA3MjkzN2Q5OTViY2M3NTU5NGY4MzdkMzBkNDUwNDU0MjgwNjg4NDhiOTAyYjU6NjQ3OTMwNjdiMTZiMg%3D%3D IP 13.248.148.254:80 ASN #16509 AMAZON-02 Requested by http://ww38.case-234157414135001.com/ File type gzip compressed data, max speed, from Unix\012- data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=case-234157414135001.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTY2Mzg0Ny43MjY3OmMwNmIxNDI3NDA4NjNiNzMwYTA3MjkzN2Q5OTViY2M3NTU5NGY4MzdkMzBkNDUwNDU0MjgwNjg4NDhiOTAyYjU6NjQ3OTMwNjdiMTZiMg%3D%3D HTTP/1.1 Host: ww38.case-234157414135001.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Thu, 01 Jun 2023 23:57:28 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 24c2bc15b7a14120c1199b855d8ae62d 64070a45a26dec0c827733f6d68aa206b27efdaf 975691fc99c004f83b502cf418687ba6d699825fb658115642066639aaf66de7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 23:57:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	142.250.74.97	200 OK	270 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com FingerprintE9:43:A2:2D:EB:A2:E1:09:B0:36:19:CF:E3:9C:F0:37:52:4F:DB:7A ValidityMon, 08 May 2023 08:24:36 GMT - Mon, 31 Jul 2023 08:24:35 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size 270 B (270 bytes) Hash 8959ddcd9712196961d93f58064ed655 62ab1e38e7e9fbf58a04381b76c2d96a9c829f24 17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 270 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 03:48:34 GMT expires: Fri, 02 Jun 2023 02:48:34 GMT cache-control: public, max-age=82800 age: 72534 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 24c2bc15b7a14120c1199b855d8ae62d 64070a45a26dec0c827733f6d68aa206b27efdaf 975691fc99c004f83b502cf418687ba6d699825fb658115642066639aaf66de7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 23:57:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/adsense/domains/caf.js	142.250.74.132	200 OK	54 kB
URL GET HTTP/3 www.google.com/adsense/domains/caf.js IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530 Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type ASCII text, with very long lines (2125) Size 54 kB (54164 bytes) Hash 1e03f5525e68d63b88b3df80eec027ed 7587f5c807b01f74f073d8c5c958e6cfe8bd151f ea43205fd1e51f0802ef405193368f0cb71677219729f3e628eab76af96a050f HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Thu, 01 Jun 2023 23:57:28 GMT expires: Thu, 01 Jun 2023 23:57:28 GMT cache-control: private, max-age=3600 etag: "17131057998894966521" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 24c2bc15b7a14120c1199b855d8ae62d 64070a45a26dec0c827733f6d68aa206b27efdaf 975691fc99c004f83b502cf418687ba6d699825fb658115642066639aaf66de7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 23:57:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=zh108wmiu0bj&aqid=aDB5ZJqbE9qWiM0Px_2BmA8&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=536423577&csala=27%7C0%7C218%7C156%7C223&lle=0&ifv=1&usr=1	142.250.74.132	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=zh108wmiu0bj&aqid=aDB5ZJqbE9qWiM0Px_2BmA8&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=536423577&csala=27%7C0%7C218%7C156%7C223&lle=0&ifv=1&usr=1 IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by http://ww38.case-234157414135001.com/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=zh108wmiu0bj&aqid=aDB5ZJqbE9qWiM0Px_2BmA8&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=536423577&csala=27%7C0%7C218%7C156%7C223&lle=0&ifv=1&usr=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-xtMENeLVwF0sbSw6ZiJ0wQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Thu, 01 Jun 2023 23:57:30 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=XXf7lqx3XwciQPifimx0JnalrjkRPVsfCdixjWTguA-sG6vDr9rbcCH_uyg4GdSeLCcDebZja0llC1UnfMaUZ6BWn1MT1yaDKFJKG2NTlAdv_Ug7vceOewornXCUjTq_a9gQZtt-7xI5n96auKH3hZ_xn_eRyLO3ks6mX9Aurg8; expires=Fri, 01-Dec-2023 23:57:30 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+673; expires=Sat, 31-May-2025 23:57:30 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=ta8tlj6um3xd&aqid=aDB5ZJqbE9qWiM0Px_2BmA8&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=536423577&csala=27%7C0%7C218%7C156%7C223&lle=0&ifv=1&usr=1	142.250.74.132	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=ta8tlj6um3xd&aqid=aDB5ZJqbE9qWiM0Px_2BmA8&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=536423577&csala=27%7C0%7C218%7C156%7C223&lle=0&ifv=1&usr=1 IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by http://ww38.case-234157414135001.com/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=ta8tlj6um3xd&aqid=aDB5ZJqbE9qWiM0Px_2BmA8&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=536423577&csala=27%7C0%7C218%7C156%7C223&lle=0&ifv=1&usr=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww38.case-234157414135001.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-xDzSmMjw9n2A4Ms75TVIFw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Thu, 01 Jun 2023 23:57:30 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=Lg6Pv0exVb4YdK3W9HlxgDwfxYuyIOoYoE0LpDZqdyLNEK1XnH-B47YCCMwDLAO823u4-ULtxmb9jIJlCjNuaE9kFiLq4O7MelPKwW1iPkbLrBOBh4CVspH-1NSAHcrpLfQHUaTgFW6YjVsRc15IMpMUUpEBMSCfQ9HveXhRvv4; expires=Fri, 01-Dec-2023 23:57:30 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+575; expires=Sat, 31-May-2025 23:57:30 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.97	200 OK	200 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.case-234157414135001.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDc5MzA2N2IxNjlifHx8MTY4NTY2Mzg0Ny43MzIzfGI1NWE5ZTFkM2E1MDQwYzk3OTRiMjlkNTIwMmM3MmM3ZWEyZTljMmR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDU4YjIzNDk1MDcwMGNjYmU4MzVlMjEwOTRhOGYzZjJlZjgzNDkzYWF8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2986208149972408&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157%2C17301160%2C17301182%2C17301185&format=r3%7Cs&nocache=6261685663847771&num=0&output=afd_ads&domain_name=ww38.case-234157414135001.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685663847773&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww38.case-234157414135001.com%2F&adbw=master-1%3A530 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com FingerprintE9:43:A2:2D:EB:A2:E1:09:B0:36:19:CF:E3:9C:F0:37:52:4F:DB:7A ValidityMon, 08 May 2023 08:24:36 GMT - Mon, 31 Jul 2023 08:24:35 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 200 B (200 bytes) Hash 592bbd56abac313ab322bc38f7027496 ecc40e55421cbfc9cc24e256c999a497b84d997f fe3a1073d51df0f353dfa771acde9ea020e215a74edf7b24775e50282b6d6eda HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 13:43:07 GMT expires: Fri, 02 Jun 2023 12:43:07 GMT cache-control: public, max-age=82800 age: 36861 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML