Report - domclickext.xyz

Report Overview

Submitted URL
domclickext.xyz
IP
185.53.177.54
ASN
#61969 Team Internet AG
Submitted
2023-06-01 14:44:58
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
domclickext.xyz	751915	2022-01-10	2018-12-13	2023-05-27	2.6 kB	8.3 kB	185.53.177.54
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-31	1.7 kB	3.5 kB	142.250.74.131
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22	2023-05-31	478 B	12 kB	54.230.245.130
www.google.com	7	1997-09-15	2015-05-10	2023-05-29	3.8 kB	209 kB	216.58.211.4
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2023-05-31	969 B	2.2 kB	142.250.74.129

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	domclickext.xyz/	968 B	2023-03-08	2024-04-26
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24:08 Last Seen2024-04-26 07:02:14 Times Seen27732 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	domclickext.xyz/	679 B	2023-06-01	2023-06-01
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 16:44:58 Last Seen2023-06-01 16:44:58 Times Seen1 Hash f4a4440e48bc421cc8c8289b443278b6 e8eaf56c691a0bf26d05cebc1cb942c0c3e30e65 14c3318e6cfd355090c3cbaa91f8a9fcf8ef6fc280c67de97391bfb24371209b Loading...

	domclickext.xyz/	246 B	2023-06-01	2023-06-01
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 16:44:59 Last Seen2023-06-01 16:44:59 Times Seen1 Hash e4e55eb94d6e19c2a6a0493db9ed2263 faef222e16aa88ccbb855522708ffbc40a803ba4 f04d32ede6b8e6e78f0dcdc736e075cea70cb5207b95f3d89be3d85789f71fa1 Loading...

	domclickext.xyz/	7.0 kB	2023-03-13	2024-01-03
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:10:31 Last Seen2024-01-03 14:22:39 Times Seen25920 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	domclickext.xyz/	1.2 kB	2023-06-01	2023-06-01
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 16:44:59 Last Seen2023-06-01 16:44:59 Times Seen1 Hash 96f6ccaa2344eee41ef41229076f08ac ce471e72d45de5a33a72e28f3bca1c8b2421c20a 1d6033eb7e06dde729a294e0013acc8cc851f292b11c69cb094e95b67c49e32a Loading...

	www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530	7.1 kB	2023-06-01	2023-06-01
Pretty URL www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530 IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 16:44:59 Last Seen2023-06-01 16:44:59 Times Seen1 Hash 03aa675073854e4bb15b107847e0b1a0 43f9e045382af0c87b252319ee29651a5a0c37ac 4f83a7a07b007c7b2abd090027107d97643021701726e82604c7edc660cd93fe Loading...

	www.google.com/adsense/domains/caf.js?abp=1	148 kB	2023-05-25	2023-06-01
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 23:29:18 Last Seen2023-06-01 18:38:20 Times Seen440 Hash 61873e64d042d0896e387dad7f17a4c3 d439cde5ce8324da10c502c239b3808bf949e285 8943ed90326cbfb6ff8b3c76260dd0f814f7091c2d6323384da675db9cf2aed8 Loading...

	domclickext.xyz/	29 B	2023-03-12	2024-01-03
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 12:56:36 Last Seen2024-01-03 12:53:29 Times Seen10974 Hash 5405126a58d646a09ad6d154c5d3a335 9e64f2a4ee55fef112fbd9654e76e8eabb751e28 76229fdaf8e9553878811c30cf5305bd2dab82248d0054d3fb2e760b35f32154 Loading...

	domclickext.xyz/	65 B	2023-03-12	2023-12-04
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 18:04:11 Last Seen2023-12-04 07:34:25 Times Seen15 Hash 78616392631ea944213a1e44b9f4c893 6c770dd4f09b16de902f5496731dbafab91edf14 ef004bdad235a321273101456ad738901076637b89c8076a7263fb2ee7675325 Loading...

	domclickext.xyz/	472 B	2023-03-13	2024-01-03
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:13:46 Last Seen2024-01-03 14:22:39 Times Seen25251 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	domclickext.xyz/	669 B	2023-06-01	2023-06-01
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 16:44:59 Last Seen2023-06-01 16:44:59 Times Seen1 Hash a29a5923b9429367f1545ac835168546 f7da9bf03d73c0dcd3ab1007448b756ccd8e9e3d 1b7c47dede69d3c2c0538925e8571a337e687c04252906ac3dd6ebfb876ccad9 Loading...

	domclickext.xyz/	40 B	2023-04-18	2023-06-27
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 09:10:37 Last Seen2023-06-27 14:44:07 Times Seen10821 Hash bcdb5f35f5da29644017c63a72a72921 5bd1c81154b546c01c88b02fdb29b687f0c9cef3 a71d2bc0274b66fc2cb2c8daf1bf8b8a6a4cbfd5bd1e30574e9abb61aa9c3983 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-05-26	2023-06-01
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 00:09:39 Last Seen2023-06-01 16:44:59 Times Seen29 Hash 54a06b07f16d28e8940b783e63e98e17 e7e1497809fdb2a583aab7112823b91882e67192 47eeb4c1e17c2d1a916c6a2e5f186aab38e14d5ec1467fd9dba9885b61a38962 Loading...

	domclickext.xyz/	71 B	2023-03-08	2024-01-04
Pretty URL domclickext.xyz/ IP 185.53.177.54 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

HTTP Transactions (18)

	URL	IP	Response	Size
	domclickext.xyz/	185.53.177.54	200 OK	5.8 kB
URL User Request GET HTTP/1.1 domclickext.xyz/ IP 185.53.177.54:443 ASN #61969 Team Internet AG Certificate IssuerLet's Encrypt Subjectdomclickext.xyz FingerprintA8:7F:27:3D:F8:FF:90:CE:58:B2:DE:BB:80:B9:2B:5B:BD:CB:5F:81 ValiditySat, 13 May 2023 22:56:34 GMT - Fri, 11 Aug 2023 22:56:33 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1226) Size 5.8 kB (5774 bytes) Hash ceeb63daa4faf65b687c6ee09c8753e8 05460f9ae4b3c94da4430396ac0214120cdb8478 373dd326c78b7842c4bda230f5fbfd913be1dd0b1dea20d60b4d168a38fab0e0 HTTP Headers `GET / HTTP/1.1 Host: domclickext.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-Ch-Lifetime: 30 Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 Date: Thu, 01 Jun 2023 14:44:40 GMT Server: nginx Vary: Accept-Encoding X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Qo9m911a0Nc3IFAX8my9PWDAfq7Hm7gElfZGx/+qi9+LYSprOYggy+fYpiJ8L8AXt4NWcvK5PtpjjyJQqSVYUA== X-Buckets: bucket103,bucket077 X-Domain: domclickext.xyz X-Language: norwegian X-Subdomain: X-Template: tpl_CleanPeppermintBlack_twoclick Transfer-Encoding: chunked

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2e49fbb441f0fbebc6ce31ee4abd5600 f586dcfb316f20902e5b479d482f91138efafa28 8fda5c8ae8be7dd24164ca2cf2ea3f0b7271c4735a653e972f69dea503bc24ba HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 14:44:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash aaa62c1792576f29afd83c721c769ae2 a91969d4ec40a18844781b9364d60e9ae0cb1b52 3ef969ba686248b09252da03a2effad7d8e09e7192ae1daa6e3b8d0240405c43 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 14:44:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	domclickext.xyz/track.php?domain=domclickext.xyz&toggle=browserjs&uid=MTY4NTYzMDY4MC40NTc1OmI5NjViMjUyMDNmOTI4OGIzOTIwYzE3MTE5YzczNGE2ZjBmMDE5YjNhYjkyMDRmZjViMDIxZmRmZDhjNjFmNDk6NjQ3OGFlZDg2ZmIyMw%3D%3D	185.53.177.54	200 OK	20 B
URL GET HTTP/1.1 domclickext.xyz/track.php?domain=domclickext.xyz&toggle=browserjs&uid=MTY4NTYzMDY4MC40NTc1OmI5NjViMjUyMDNmOTI4OGIzOTIwYzE3MTE5YzczNGE2ZjBmMDE5YjNhYjkyMDRmZjViMDIxZmRmZDhjNjFmNDk6NjQ3OGFlZDg2ZmIyMw%3D%3D IP 185.53.177.54:443 ASN #61969 Team Internet AG Requested by https://domclickext.xyz/ Certificate IssuerLet's Encrypt Subjectdomclickext.xyz FingerprintA8:7F:27:3D:F8:FF:90:CE:58:B2:DE:BB:80:B9:2B:5B:BD:CB:5F:81 ValiditySat, 13 May 2023 22:56:34 GMT - Fri, 11 Aug 2023 22:56:33 GMT File type gzip compressed data, max speed, from Unix\012- data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=domclickext.xyz&toggle=browserjs&uid=MTY4NTYzMDY4MC40NTc1OmI5NjViMjUyMDNmOTI4OGIzOTIwYzE3MTE5YzczNGE2ZjBmMDE5YjNhYjkyMDRmZjViMDIxZmRmZDhjNjFmNDk6NjQ3OGFlZDg2ZmIyMw%3D%3D HTTP/1.1 Host: domclickext.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-Ch-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 Date: Thu, 01 Jun 2023 14:44:41 GMT Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Content-Length: 20`

	domclickext.xyz/ls.php?t=6478aed8&token=fafaf5ac2e70cf4431a0ef254768ad81eb332d35	185.53.177.54	201 Created	16 B
URL GET HTTP/1.1 domclickext.xyz/ls.php?t=6478aed8&token=fafaf5ac2e70cf4431a0ef254768ad81eb332d35 IP 185.53.177.54:443 ASN #61969 Team Internet AG Requested by https://domclickext.xyz/ Certificate IssuerLet's Encrypt Subjectdomclickext.xyz FingerprintA8:7F:27:3D:F8:FF:90:CE:58:B2:DE:BB:80:B9:2B:5B:BD:CB:5F:81 ValiditySat, 13 May 2023 22:56:34 GMT - Fri, 11 Aug 2023 22:56:33 GMT File type JSON data\012- , ASCII text, with no line terminators Size 16 B (16 bytes) Hash 7363e85fe9edee6f053a4b319588c086 a15e2127145548437173fc17f3e980e3f3dee2d0 c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 HTTP Headers `GET /ls.php?t=6478aed8&token=fafaf5ac2e70cf4431a0ef254768ad81eb332d35 HTTP/1.1 Host: domclickext.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Cookie: GoogleAdServingTest=Good Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 201 Created Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-Ch-Lifetime: 30 Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Allow-Origin: Access-Control-Max-Age: 86400 Charset: utf-8 Content-Type: text/javascript;charset=UTF-8 Date: Thu, 01 Jun 2023 14:44:41 GMT Server: nginx X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_tNOopvtGbg3Oyn6H8SG08llJWGauVln0e/1olDQ+3j7WwKcoTqrknxch/RTghkBEcDW3IVxcJVyxfRP5BV9iRQ== X-Log-Success: 6478aed915670f2033453a82 Content-Length: 16

	d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png	54.230.245.130	200 OK	11 kB
URL GET HTTP/2 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 54.230.245.130:443 ASN #16509 AMAZON-02 Requested by https://domclickext.xyz/ Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size 11 kB (11375 bytes) Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 HTTP Headers `GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/png content-length: 11375 server: nginx date: Thu, 01 Jun 2023 01:25:02 GMT last-modified: Thu, 23 Jun 2022 10:44:43 GMT accept-ranges: bytes etag: "62b4441b-2c6f" x-cache: Hit from cloudfront via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: LomVer687MET8DLxd2mtRAwqGvi9h6jpUPHz3Xo-hkpMRAtpSkZsCg== age: 47979 X-Firefox-Spdy: h2`

	domclickext.xyz/favicon.ico	185.53.177.54	200 OK	0 B
URL GET HTTP/1.1 domclickext.xyz/favicon.ico IP 185.53.177.54:443 ASN #61969 Team Internet AG Requested by https://domclickext.xyz/ Certificate IssuerLet's Encrypt Subjectdomclickext.xyz FingerprintA8:7F:27:3D:F8:FF:90:CE:58:B2:DE:BB:80:B9:2B:5B:BD:CB:5F:81 ValiditySat, 13 May 2023 22:56:34 GMT - Fri, 11 Aug 2023 22:56:33 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: domclickext.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Content-Length: 0 Content-Type: image/x-icon Date: Thu, 01 Jun 2023 14:44:41 GMT Etag: "5ebab1f0-0" Last-Modified: Tue, 12 May 2020 14:25:52 GMT Server: nginx`

	www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530	216.58.211.4	200 OK	2.5 kB
URL GET HTTP/3 www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530 IP 216.58.211.4:443 ASN #15169 GOOGLE Requested by https://domclickext.xyz/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6189) Size 2.5 kB (2469 bytes) Hash 9398f7170f8a23bf6bfdbe68c3a1cd80 5fbaf79faba32bd6e385590c9695ee8642171d21 204e7ac627b6c70f0fbf507e0e4377999c445b88e5d3febd1968c83ea41193c1 HTTP Headers GET /afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Thu, 01 Jun 2023 14:44:41 GMT expires: Thu, 01 Jun 2023 14:44:41 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zOkOGF85MGPN4TX4DzYtbQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding: br server: gws content-length: 2469 x-xss-protection: 0 set-cookie: NID=511=nSndGOiganpbFk3vIQijEqskh8nHbpSneFNq0omPnM6hFp8V95PO23qCnoYrVcpTNhW8gkosCJF8bNQ0z1RSV7qL74uLoqIS91JNVohsrDgbEbEDMdkmAMfzs8VRMfI7e4m2RYPD6QhQ-pDBcmiWk_ATTO3e7TWG852ubpFoaA8; expires=Fri, 01-Dec-2023 14:44:41 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+878; expires=Sat, 31-May-2025 14:44:41 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	domclickext.xyz/track.php?domain=domclickext.xyz&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTYzMDY4MC40NTc1OmI5NjViMjUyMDNmOTI4OGIzOTIwYzE3MTE5YzczNGE2ZjBmMDE5YjNhYjkyMDRmZjViMDIxZmRmZDhjNjFmNDk6NjQ3OGFlZDg2ZmIyMw%3D%3D	185.53.177.54	200 OK	20 B
URL GET HTTP/1.1 domclickext.xyz/track.php?domain=domclickext.xyz&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTYzMDY4MC40NTc1OmI5NjViMjUyMDNmOTI4OGIzOTIwYzE3MTE5YzczNGE2ZjBmMDE5YjNhYjkyMDRmZjViMDIxZmRmZDhjNjFmNDk6NjQ3OGFlZDg2ZmIyMw%3D%3D IP 185.53.177.54:443 ASN #61969 Team Internet AG Requested by https://domclickext.xyz/ Certificate IssuerLet's Encrypt Subjectdomclickext.xyz FingerprintA8:7F:27:3D:F8:FF:90:CE:58:B2:DE:BB:80:B9:2B:5B:BD:CB:5F:81 ValiditySat, 13 May 2023 22:56:34 GMT - Fri, 11 Aug 2023 22:56:33 GMT File type gzip compressed data, max speed, from Unix\012- data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=domclickext.xyz&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTYzMDY4MC40NTc1OmI5NjViMjUyMDNmOTI4OGIzOTIwYzE3MTE5YzczNGE2ZjBmMDE5YjNhYjkyMDRmZjViMDIxZmRmZDhjNjFmNDk6NjQ3OGFlZDg2ZmIyMw%3D%3D HTTP/1.1 Host: domclickext.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-Ch-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 Date: Thu, 01 Jun 2023 14:44:41 GMT Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Content-Length: 20`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4f25832062da8d4729b5be811b75be0a d6e10effb5d9ce1bf56524ff0bbb3d5891fb522d c526adeedcb442f61f4303bd5a219fb6ef6132d18dfdb4ae5f4f09400852156e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 14:44:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/adsense/domains/caf.js	216.58.211.4	200 OK	54 kB
URL GET HTTP/3 www.google.com/adsense/domains/caf.js IP 216.58.211.4:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530 Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type ASCII text, with very long lines (2125) Size 54 kB (54059 bytes) Hash 16833e27eef0fbc685f16e2e8787903b c0ad4d63ce8cbde0ee406c6309db2ec9f57fe1a4 d80d877adedf8ceb4654ca2b0128a75e4e1ae1d3dbc6976a39cb404e21a67899 HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Thu, 01 Jun 2023 14:44:41 GMT expires: Thu, 01 Jun 2023 14:44:41 GMT cache-control: private, max-age=3600 etag: "9996313778866948979" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4f25832062da8d4729b5be811b75be0a d6e10effb5d9ce1bf56524ff0bbb3d5891fb522d c526adeedcb442f61f4303bd5a219fb6ef6132d18dfdb4ae5f4f09400852156e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 14:44:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.129	200 OK	174 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.129:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com FingerprintE9:43:A2:2D:EB:A2:E1:09:B0:36:19:CF:E3:9C:F0:37:52:4F:DB:7A ValidityMon, 08 May 2023 08:24:36 GMT - Mon, 31 Jul 2023 08:24:35 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 174 B (174 bytes) Hash 11b3089d616633ca6b73b57aa877eeb4 07632f63e06b30d9b63c97177d3a8122629bda9b 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 14:41:45 GMT expires: Fri, 02 Jun 2023 13:41:45 GMT cache-control: public, max-age=82800 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml vary: Accept-Encoding age: 176 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4f25832062da8d4729b5be811b75be0a d6e10effb5d9ce1bf56524ff0bbb3d5891fb522d c526adeedcb442f61f4303bd5a219fb6ef6132d18dfdb4ae5f4f09400852156e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Jun 2023 14:44:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=m2u4mhfvd5d9&aqid=2a54ZMe_F8Sh7APV0rMI&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=534159633&csala=23%7C0%7C328%7C96%7C253&lle=0&ifv=1&usr=1	216.58.211.4	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=m2u4mhfvd5d9&aqid=2a54ZMe_F8Sh7APV0rMI&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=534159633&csala=23%7C0%7C328%7C96%7C253&lle=0&ifv=1&usr=1 IP 216.58.211.4:443 ASN #15169 GOOGLE Requested by https://domclickext.xyz/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=m2u4mhfvd5d9&aqid=2a54ZMe_F8Sh7APV0rMI&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=534159633&csala=23%7C0%7C328%7C96%7C253&lle=0&ifv=1&usr=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-NycC-6isgkDLHxEN-94sXA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Thu, 01 Jun 2023 14:44:43 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=PSuTgelxW5N0iOaEukS8iNf0S2dWL33j6imyhggO2YZhETaPPxRvZlAblaqWlB8S66yQ0Wvy9VWscBp27VexpsBr-qM9R0PYqWbDw8QK3963ORflFk45QETrWjCtLZLTvuzPz2LecvJJpHKb0zTulf8pJtiq_3b2KnHMIW6-JX0; expires=Fri, 01-Dec-2023 14:44:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+285; expires=Sat, 31-May-2025 14:44:43 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=329l3ob8oduw&aqid=2a54ZMe_F8Sh7APV0rMI&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=534159633&csala=23%7C0%7C328%7C96%7C253&lle=0&ifv=1&usr=1	216.58.211.4	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=329l3ob8oduw&aqid=2a54ZMe_F8Sh7APV0rMI&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=534159633&csala=23%7C0%7C328%7C96%7C253&lle=0&ifv=1&usr=1 IP 216.58.211.4:443 ASN #15169 GOOGLE Requested by https://domclickext.xyz/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=329l3ob8oduw&aqid=2a54ZMe_F8Sh7APV0rMI&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=534159633&csala=23%7C0%7C328%7C96%7C253&lle=0&ifv=1&usr=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-j6wNmUV0CsEHFVRqCAVVNg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Thu, 01 Jun 2023 14:44:44 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=bw8ZRANgiv3Yhedq-kgck_HNxOEz0HCbES28SkKCfpKsgE8HG0KE-YwqJpmEnlyp615yfDdCvhHZnoJ3j34yXMy558K58lxh6kR3hu88baZTscVoKzy2o5cqWnWcOUcCZ6dGK5NHBxFdn9SOmKXJskeUkI6jgTwwYlXGgO_Oifk; expires=Fri, 01-Dec-2023 14:44:44 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+176; expires=Sat, 31-May-2025 14:44:44 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	142.250.74.129	200 OK	391 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.74.129:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket103%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fdomclickext.xyz%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDMsYnVja2V0MDc3fHx8fHx8NjQ3OGFlZDg2ZmIwNnx8fDE2ODU2MzA2ODAuNDYyM3xiZjVjYTQ1NzhmYWIwN2NjMWJhMTU4MjUyMWEzNmM5YmJhZTQ0ZmI4fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxleUpvYkNJNkltVnVJbjA9fHwxfFcxMD18ZmFmYWY1YWMyZTcwY2Y0NDMxYTBlZjI1NDc2OGFkODFlYjMzMmQzNXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2337252774316403&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301182%2C17301185&format=r3%7Cs&nocache=4641685630680912&num=0&output=afd_ads&domain_name=domclickext.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685630680913&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=534159633&uio=--&cont=tc&jsid=caf&jsv=534159633&rurl=https%3A%2F%2Fdomclickext.xyz%2F&adbw=master-1%3A530 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com FingerprintE9:43:A2:2D:EB:A2:E1:09:B0:36:19:CF:E3:9C:F0:37:52:4F:DB:7A ValidityMon, 08 May 2023 08:24:36 GMT - Mon, 31 Jul 2023 08:24:35 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (406), with no line terminators Size 391 B (391 bytes) Hash 249bb4c6a37dfa60d6ecf838cada5020 4e56099d13b015804f79d1182f66982bc6e4662b a2cebc2af2fd29cbee1ed7860ef5b12088b85259918d8bf2f2aaa99b915fa3f4 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 270 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 03:48:34 GMT expires: Fri, 02 Jun 2023 02:48:34 GMT cache-control: public, max-age=82800 age: 39367 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/adsense/domains/caf.js?abp=1	216.58.211.4	200 OK	148 kB
URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1 IP 216.58.211.4:443 ASN #15169 GOOGLE Requested by https://domclickext.xyz/ Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT File type ASCII text, with very long lines (2125) Size 148 kB (147913 bytes) Hash 61873e64d042d0896e387dad7f17a4c3 d439cde5ce8324da10c502c239b3808bf949e285 8943ed90326cbfb6ff8b3c76260dd0f814f7091c2d6323384da675db9cf2aed8 HTTP Headers `GET /adsense/domains/caf.js?abp=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://domclickext.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Thu, 01 Jun 2023 14:44:41 GMT expires: Thu, 01 Jun 2023 14:44:41 GMT cache-control: private, max-age=3600 etag: "10984868597685931470" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML