| obseu.astarsbuilding.com/mon |  3.248.162.96 | 200 OK | 0 B |
URL POST obseu.astarsbuilding.com/mon IP3.248.162.96:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerZeroSSL Subject*.astarsbuilding.com FingerprintCD:97:8B:26:8F:44:36:BF:15:6E:E5:CB:05:4C:8D:F5:F1:0C:F2:54 ValidityThu, 27 Mar 2025 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2530
Origin: https://ww12.njkhsirb3t.com
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Cookie: cg_uuid=44d0eaf4140a8ce08859bc8378b2b608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.njkhsirb3t.com
content-type: application/json
date: Tue, 22 Apr 2025 22:04:00 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww12.njkhsirb3t.com/?usid=25&utid=10280164410 |  13.248.148.254 | 200 OK | 17 kB |
URL User Request GET ww12.njkhsirb3t.com/?usid=25&utid=10280164410 IP13.248.148.254:443
CertificateIssuerLet's Encrypt Subjectww12.njkhsirb3t.com Fingerprint83:7F:E9:93:FA:7C:A7:93:84:DD:D5:1A:A7:23:D1:64:EE:45:4A:11 ValidityFri, 18 Apr 2025 09:11:42 GMT - Thu, 17 Jul 2025 09:11:41 GMT
File typeHTML document, ASCII text, with very long lines (9126) Hashdfb4a3d97b88777a46c84b79dd8a8788 e491f132f737e970b570f722c06bd3b6f1f9dfed 560ac55858fe6776cbb497ab36808a7f456ad12e2ac28c3ab439bfab95477dec
GET /?usid=25&utid=10280164410 HTTP/1.1
Host: ww12.njkhsirb3t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":50944"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 22 Apr 2025 22:03:56 GMT
server: Caddy, nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_lUTGtYoa/JJSMDgRurXHLs7YEw8jPHzC1xZc6Vm6fAjTgGILf/f7r4G00jzLdVCIIfBDkjDnPZLjiQVww6zL/Q==
x-buckets: bucket102,bucket077
x-domain: njkhsirb3t.com
x-language: norwegian
x-pcrew-blocked-reason: hosting network
x-pcrew-ip-organization: Blix Solutions
x-subdomain: ww12
x-template: tpl_CleanPeppermintBlack_twoclick
X-Firefox-Spdy: h2
|
|
| euob.astarsbuilding.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js | 143.204.55.85 | 200 OK | 111 kB |
URL GET euob.astarsbuilding.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js IP143.204.55.85:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerAmazon Subject*.astarsbuilding.com FingerprintDD:1E:42:74:B7:0D:4D:51:5C:C2:3A:AF:0C:79:1A:F5:AA:7C:06:D5 ValidityTue, 18 Jun 2024 00:00:00 GMT - Fri, 18 Jul 2025 23:59:59 GMT
Size111 kB (111247 bytes) Hashafe94535ce21bd3036be4ff3a1ecd46f 1e8dd3d52e3aa19b9da04c6d8bb33050f669bee3 85c3f71659009cce4b4e9564b7631faa7ff2552402e9c2b9365c79be53433f7d
GET /sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js HTTP/1.1
Host: euob.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 40789
content-encoding: gzip
server: Caddy
date: Tue, 22 Apr 2025 12:14:24 GMT
cache-control: max-age=43200
expires: Wed, 23 Apr 2025 00:14:23 GMT
etag: "1b28f-Ho3T1S46oZudoExti7MwUPZpvuM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8QvXAL2dzeoPLXQhz3ZpYYK5f8rDcqsanpTqQ7_EL8jxVaKrhBNGSg==
age: 35373
X-Firefox-Spdy: h2
|
|
| parking3.parklogic.com/page/scribe.php?pcId=12&domain=njkhsirb3t.com&aId=111&pId=451&usid=25&utid=10280164410&query=null&domainJs=ww12.njkhsirb3t.com&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null | 172.232.7.47 | 200 OK | 0 B |
URL GET parking3.parklogic.com/page/scribe.php?pcId=12&domain=njkhsirb3t.com&aId=111&pId=451&usid=25&utid=10280164410&query=null&domainJs=ww12.njkhsirb3t.com&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null IP172.232.7.47:443 ASN#63949 Akamai Connected Cloud
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerLet's Encrypt Subjectenhance-lb01.parklogic.com FingerprintA9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51 ValidityMon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /page/scribe.php?pcId=12&domain=njkhsirb3t.com&aId=111&pId=451&usid=25&utid=10280164410&query=null&domainJs=ww12.njkhsirb3t.com&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww12.njkhsirb3t.com/
Origin: https://ww12.njkhsirb3t.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 22:03:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ww12.njkhsirb3t.com/munin/a/tr/browserjs?domain=njkhsirb3t.com&toggle=browserjs&uid=MTc0NTM1OTQzNS45OTI1OjE2OGNhMGRjNTBkMTBmNWIzZDM4YTUyODc2MDc4OGI4MTJlYmIwNzUzZTlmN2MxODc5NDg2ZDg1M2IxZGNjMDY6NjgwODEyNGJmMjRjZA%3D%3D | 13.248.148.254 | 200 OK | 0 B |
URL GET ww12.njkhsirb3t.com/munin/a/tr/browserjs?domain=njkhsirb3t.com&toggle=browserjs&uid=MTc0NTM1OTQzNS45OTI1OjE2OGNhMGRjNTBkMTBmNWIzZDM4YTUyODc2MDc4OGI4MTJlYmIwNzUzZTlmN2MxODc5NDg2ZDg1M2IxZGNjMDY6NjgwODEyNGJmMjRjZA%3D%3D IP13.248.148.254:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerLet's Encrypt Subjectww12.njkhsirb3t.com Fingerprint83:7F:E9:93:FA:7C:A7:93:84:DD:D5:1A:A7:23:D1:64:EE:45:4A:11 ValidityFri, 18 Apr 2025 09:11:42 GMT - Thu, 17 Jul 2025 09:11:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/tr/browserjs?domain=njkhsirb3t.com&toggle=browserjs&uid=MTc0NTM1OTQzNS45OTI1OjE2OGNhMGRjNTBkMTBmNWIzZDM4YTUyODc2MDc4OGI4MTJlYmIwNzUzZTlmN2MxODc5NDg2ZDg1M2IxZGNjMDY6NjgwODEyNGJmMjRjZA%3D%3D HTTP/1.1
Host: ww12.njkhsirb3t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/?usid=25&utid=10280164410
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
content-type: text/html; charset=UTF-8
date: Tue, 22 Apr 2025 22:03:57 GMT
server: Caddy, nginx
x-custom-track: browserjs
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww12.njkhsirb3t.com/munin/a/ls?t=6808124c&token=b509acb1993ee1b589464ec0ad12ab32dfdbf667 | 13.248.148.254 | 201 Created | 0 B |
URL GET ww12.njkhsirb3t.com/munin/a/ls?t=6808124c&token=b509acb1993ee1b589464ec0ad12ab32dfdbf667 IP13.248.148.254:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerLet's Encrypt Subjectww12.njkhsirb3t.com Fingerprint83:7F:E9:93:FA:7C:A7:93:84:DD:D5:1A:A7:23:D1:64:EE:45:4A:11 ValidityFri, 18 Apr 2025 09:11:42 GMT - Thu, 17 Jul 2025 09:11:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/ls?t=6808124c&token=b509acb1993ee1b589464ec0ad12ab32dfdbf667 HTTP/1.1
Host: ww12.njkhsirb3t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/?usid=25&utid=10280164410
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin:
access-control-max-age: 86400
alt-svc: h3=":50944"; ma=2592000
charset: utf-8
content-type: text/javascript;charset=UTF-8
date: Tue, 22 Apr 2025 22:03:57 GMT
server: Caddy, nginx
status: 201 Created
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_dChB0xPuTyeHcmeQlWMikuctMMz6iZVpo3TqkmU8ia+BhrnAwiIiREHjHbjvXnVUBpNrrY1ZjiiDnBWT9tuKWQ==
x-log-success: 6808124d198e2cf22306f759
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww12.njkhsirb3t.com/munin/a/tr/answercheck/yes?domain=njkhsirb3t.com&caf=1&toggle=answercheck&answer=yes&uid=MTc0NTM1OTQzNS45OTI1OjE2OGNhMGRjNTBkMTBmNWIzZDM4YTUyODc2MDc4OGI4MTJlYmIwNzUzZTlmN2MxODc5NDg2ZDg1M2IxZGNjMDY6NjgwODEyNGJmMjRjZA%3D%3D | 13.248.148.254 | 200 OK | 0 B |
URL GET ww12.njkhsirb3t.com/munin/a/tr/answercheck/yes?domain=njkhsirb3t.com&caf=1&toggle=answercheck&answer=yes&uid=MTc0NTM1OTQzNS45OTI1OjE2OGNhMGRjNTBkMTBmNWIzZDM4YTUyODc2MDc4OGI4MTJlYmIwNzUzZTlmN2MxODc5NDg2ZDg1M2IxZGNjMDY6NjgwODEyNGJmMjRjZA%3D%3D IP13.248.148.254:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerLet's Encrypt Subjectww12.njkhsirb3t.com Fingerprint83:7F:E9:93:FA:7C:A7:93:84:DD:D5:1A:A7:23:D1:64:EE:45:4A:11 ValidityFri, 18 Apr 2025 09:11:42 GMT - Thu, 17 Jul 2025 09:11:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/tr/answercheck/yes?domain=njkhsirb3t.com&caf=1&toggle=answercheck&answer=yes&uid=MTc0NTM1OTQzNS45OTI1OjE2OGNhMGRjNTBkMTBmNWIzZDM4YTUyODc2MDc4OGI4MTJlYmIwNzUzZTlmN2MxODc5NDg2ZDg1M2IxZGNjMDY6NjgwODEyNGJmMjRjZA%3D%3D HTTP/1.1
Host: ww12.njkhsirb3t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/?usid=25&utid=10280164410
Cookie: _cq_duid=1.1745359438.15b1pcBAELWTIOEc; _cq_suid=1.1745359438.3z7KqS7qy72jpxvU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
content-type: text/html; charset=UTF-8
date: Tue, 22 Apr 2025 22:03:59 GMT
server: Caddy, nginx
x-custom-track: answercheck
content-length: 0
X-Firefox-Spdy: h2
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff | 142.250.74.33 | 200 OK | 200 B |
URL GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP142.250.74.33:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket102%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.wneaPV7VBTW4jyFN_hShFNmZRjWdEM8opyM-l3kohZVHkY4vk4q_iw.b1mQZx0iWJk0MN_LlHkB9Q.7lsyCjHUcQwD5GE4TOuzuSPBr2-Q53QX6PvCoIPlW0ozwMOfjAOwcfge0EzGoAuqe_M_MMCKt9AnpCI8XT7jaAP6bl9HQ-QXpiw-fvCct3eb9dJDxm6Bg9Li11nFC7OUb3w9gPrgjpm-KqKDpad08jO4W9dx95DB2AfziwUNns6wo8TZUw11G4IptNnmYhtiO-Yy1Inn0Rf0opuqoFv0pZ2bvTWjgoCAuQuMrPNmhrQqMtM5P9EKdrRJsBPgQl98f9_VS1t0LdB80UqWq4c2gsmgBbAzQ5k2t29YJUZAT5yEmeZB1hINfteIvRo3B7wI4UjxRP4agIWaOY-_luMlZ0iWPA7oAC_nXkYvCJwAcAr9EgpFpadFZEWsXQfZq7BOR39o5yDS8q6gmRqj8YVgHR7JxXriONJ_kSZDoVA3kiO4HFHuxHH9vjnDi3sCvMKKh1OLSSmDlq0Uz5s9rclMei0VpjKaQZjdD_8scbbGZ9bwo2VRVzTrlEJjFv2iBHJKCwr_DW1vazlt_liPo6VeaMwGJhvqhhiNY-9l75YjTjntJrqi1ob4036yPfZ_dVfih07jO9kMpgMHJkDCPl9E3bR34IahIClzKHHV5sDhonT7fZptw42x1fDpKau2RzTI.PRd9oipKFQX-PnTDGXKMlQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2249930504083802&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=3861745359438155&num=0&output=afd_ads&domain_name=ww12.njkhsirb3t.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1745359438157&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=747525664&rurl=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410 CertificateIssuerGoogle Trust Services Subject*.googleusercontent.com Fingerprint66:19:DE:95:18:3E:90:8D:7D:31:50:9A:E3:F7:2D:9D:D6:7D:A7:F8 ValidityMon, 31 Mar 2025 08:55:39 GMT - Mon, 23 Jun 2025 08:55:38 GMT
File typeSVG Scalable Vector Graphics image Hash11b3089d616633ca6b73b57aa877eeb4 07632f63e06b30d9b63c97177d3a8122629bda9b 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Apr 2025 21:38:47 GMT
expires: Wed, 23 Apr 2025 20:38:47 GMT
cache-control: public, max-age=82800
age: 1512
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| obseu.astarsbuilding.com/mon | 3.248.162.96 | 200 OK | 0 B |
URL POST obseu.astarsbuilding.com/mon IP3.248.162.96:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerZeroSSL Subject*.astarsbuilding.com FingerprintCD:97:8B:26:8F:44:36:BF:15:6E:E5:CB:05:4C:8D:F5:F1:0C:F2:54 ValidityThu, 27 Mar 2025 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1752
Origin: https://ww12.njkhsirb3t.com
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Cookie: cg_uuid=44d0eaf4140a8ce08859bc8378b2b608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.njkhsirb3t.com
content-type: application/json
date: Tue, 22 Apr 2025 22:04:04 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| parking3.parklogic.com/page/enhance.js?pcId=12&domain=njkhsirb3t.com | 172.232.7.47 | 200 OK | 2.2 kB |
URL GET parking3.parklogic.com/page/enhance.js?pcId=12&domain=njkhsirb3t.com IP172.232.7.47:443 ASN#63949 Akamai Connected Cloud
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerLet's Encrypt Subjectenhance-lb01.parklogic.com FingerprintA9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51 ValidityMon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT
File typeJavaScript source, ASCII text Hash1728c9b4feb08005d03bfc634723731b cf41c08acf6b50d2e0e700222ceb536c9439b5b6 03dc1f09908fd61c7cc6e3f240d145509fa84c31dd2eac107cc7425a36d273ed
GET /page/enhance.js?pcId=12&domain=njkhsirb3t.com HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 22:03:56 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png | 3.167.7.97 | 200 OK | 11 kB |
URL GET d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP3.167.7.97:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File typePNG image data, 1500 x 600, 8-bit colormap, non-interlaced Hash0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 11375
server: nginx
date: Tue, 22 Apr 2025 11:05:07 GMT
accept-ranges: bytes
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
etag: "czzekhpxmtxd8rz"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193fe983778f7496cce206a132f2e55a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: -smc8WlLXQoewqzF8Qzb1sLGt8gXk5eaOpzYKqS-vrS9Ws9AfIQAdA==
age: 39530
X-Firefox-Spdy: h2
|
|
| ww12.njkhsirb3t.com/favicon.ico | 13.248.148.254 | 200 OK | 0 B |
URL GET ww12.njkhsirb3t.com/favicon.ico IP13.248.148.254:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerLet's Encrypt Subjectww12.njkhsirb3t.com Fingerprint83:7F:E9:93:FA:7C:A7:93:84:DD:D5:1A:A7:23:D1:64:EE:45:4A:11 ValidityFri, 18 Apr 2025 09:11:42 GMT - Thu, 17 Jul 2025 09:11:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww12.njkhsirb3t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/?usid=25&utid=10280164410
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":50944"; ma=2592000
content-type: image/x-icon
date: Tue, 22 Apr 2025 22:03:57 GMT
etag: "670f7248-0"
last-modified: Wed, 16 Oct 2024 07:59:04 GMT
server: Caddy, nginx
content-length: 0
X-Firefox-Spdy: h2
|
|
| obseu.astarsbuilding.com/ct?id=80705&url=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410&sf=0&tpi=&ch=AdsDeli%20-%20domain%20-%20landingpage&uvid=b509acb1993ee1b589464ec0ad12ab32dfdbf667&tsf=0&tsfmi=&tsfu=&cb=1745359438785&hl=2&op=0&ag=2881387774&rand=239225010560910501582911225087257155121722916866601158951071920502786915518160390710502&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDkyNzRdLFsiYWJuY2giLDMxXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcIm1lc2FcIixcInJcIjpcImxsdm1waXBlXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjBcIixcImd2ZW5cIjpcIm1vemlsbGFcIixcImJlblwiOjI3NyxcIndnbFwiOjEsXCJncmVuXCI6XCJsbHZtcGlwZVwiLFwic2VmXCI6NDk0MTk1MDQzLFwic2VjXCI6XCJcIn0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTksIi0iXSxbLTgsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstNiwie1wid1wiOltcIjBcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcInVzaWRcIixcInV0aWRcIixcInBhdGhcIixcImdldEdQVVZlbmRvclwiLFwidGNibG9ja1wiLFwic2VhcmNoYm94QmxvY2tcIixcImdldFhNTGh0dHBcIixcImFqYXhRdWVyeVwiLFwiYWpheEJhY2tmaWxsXCIsXCJsb2FkRmVlZFwiLFwieG1sSHR0cFwiLFwibHNcIixcImdldExvYWRGZWVkQXJndW1lbnRzXCIsXCJfX2N0Y2dfY3RfODA3MDVfZXhlY1wiLFwiZ29vZ2xlTkRUX1wiLFwiZ29vZ2xlQWx0TG9hZGVyXCIsXCJnb29nbGVcIixcIl9fc2FzQ29va2llXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstMjksIi0iXSxbLTQ0LCIwLDUsMCw1Il0sWy01OCwiLSJdLFstNzIsIkV4VT0iXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTIxLCItIl0sWy0zMSwiZmFsc2UiXSxbLTM4LCJpLC0xLC0xLDYzLDAsMTgsMCwyMCwyNTAsNjMsLTEsMCwsMTc0NCwyODE4LDI4MTkiXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWy01NywiUzNsUlRVMUpTZ01XRmx4TVZsc1hXRXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZnc0xEVjhCREFvSkMxaFlDMXNQWEZvS0NWaFlXZ0JZQVF4ZFdBdGFXMThBRjFOS0F3Z0REd3NMQVFzVkRnZ0FGazBYWEVGSlZrdE5TaFlGZVZGTlRVbEtBeFlXWEV4V1d4ZFlTazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3c05Yd0VNQ2drTFdGZ0xXdzljV2dvSldGaGFBRmdCREYxWUMxcGJYd0FYVTBvRENBTVBDdzBPQVJWS1hFMXRVRlJjVmt4TkdWRllWMTFWWEVzVERnZ0FGazBYWEVGSlZrdE5TaFlGZVZGTlRVbEtBeFlXWEV4V1d4ZFlTazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3PT0iXSxbLTQsIi0iXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTQ4LCJbXCItXCIsXCItXCIsXCItXCJdIl0sWy02MywiLSJdLFstMTAsIi0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjQsbnVsbF0iXSxbLTIwLCItIl0sWy00OSwiLSJdLFstNTMsIjAwMSJdLFstMSwiTGludXggeDg2XzY0Il0sWy02NSwiLSJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTAxMTAwMDAwMDEwIl0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy03LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTY2LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWyJibmNoIiwxMjYzXSxbLTMyLCIwIl0sWy0zNywiLSJdLFstNTAsIi0iXSxbLTY0LCItIl0sWy02OSwiTGludXggeDg2XzY0fHx8NDh8LXwtIl0sWy0xNywiNDgiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsNSx0cnVlLGZhbHNlLG51bGwsMCxmYWxzZSxmYWxzZV0iXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEwMDEwMDAwMDEwMDAwMDAwMDAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy0yLCIxMCxJc045bkduV2JBWUFJeE5mUWFPcUdFMENGQVFzY0cwMEluaE9iWUJBS1lVT3pRTzZFWDAyMEltR0xjdTYydXJkUC9jMmQycE5tVlpBd2YzLy84ejc5R3JIYTFXdTNPbVhQUHZlIl0sWy01LCItIl0sWy0xNCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzQsIi0iXSxbLTUxLCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTY4LCItIl0sWy00MCwiMzciXSxbLTU1LCIwIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTIzLCIrIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zNSwiWzE3NDUzNTk0Mzg3NzQsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNTIsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTY3LCItIl0sWy03MCwiLSJdLFstMzMsIi0iXSxbLTQxLCItIl0sWy00NiwiMCJdLFsiZGRiIiwiMCwxMCwwLDEsMCwxNCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDEsMCwwLDAsMiwwLDAsMCwwLDAsNCwxLDksNzYsMCwwLDAsMiwwLDAsMCwxLDAsMCwwLDAsNywwLDAsMSwwLDAsMCwwLDAsMCwwLDExLDEsMCwwIl0sWyJjYiIsIjQsMSwwLDAsMCwwLDAsMSwwLDcsMjQsMCwyODMsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDIsMCwwLDAsMCwxMSwwLDcsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDE0LDAsMCwwLDEiXV0%3D&dep=0&pre=0&sdd=&cri=GsTTbKrANu&pto=3162&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1745359438.15b1pcBAELWTIOEc&suid=1.1745359438.3z7KqS7qy72jpxvU&tuid=1.1745359438.sAYX7Cf9Yv2foY0u&fbc=->m=-&it=12%2C855%2C207&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D | 3.248.162.96 | 200 OK | 3.5 kB |
URL GET obseu.astarsbuilding.com/ct?id=80705&url=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410&sf=0&tpi=&ch=AdsDeli%20-%20domain%20-%20landingpage&uvid=b509acb1993ee1b589464ec0ad12ab32dfdbf667&tsf=0&tsfmi=&tsfu=&cb=1745359438785&hl=2&op=0&ag=2881387774&rand=239225010560910501582911225087257155121722916866601158951071920502786915518160390710502&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDkyNzRdLFsiYWJuY2giLDMxXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcIm1lc2FcIixcInJcIjpcImxsdm1waXBlXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjBcIixcImd2ZW5cIjpcIm1vemlsbGFcIixcImJlblwiOjI3NyxcIndnbFwiOjEsXCJncmVuXCI6XCJsbHZtcGlwZVwiLFwic2VmXCI6NDk0MTk1MDQzLFwic2VjXCI6XCJcIn0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTksIi0iXSxbLTgsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstNiwie1wid1wiOltcIjBcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcInVzaWRcIixcInV0aWRcIixcInBhdGhcIixcImdldEdQVVZlbmRvclwiLFwidGNibG9ja1wiLFwic2VhcmNoYm94QmxvY2tcIixcImdldFhNTGh0dHBcIixcImFqYXhRdWVyeVwiLFwiYWpheEJhY2tmaWxsXCIsXCJsb2FkRmVlZFwiLFwieG1sSHR0cFwiLFwibHNcIixcImdldExvYWRGZWVkQXJndW1lbnRzXCIsXCJfX2N0Y2dfY3RfODA3MDVfZXhlY1wiLFwiZ29vZ2xlTkRUX1wiLFwiZ29vZ2xlQWx0TG9hZGVyXCIsXCJnb29nbGVcIixcIl9fc2FzQ29va2llXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstMjksIi0iXSxbLTQ0LCIwLDUsMCw1Il0sWy01OCwiLSJdLFstNzIsIkV4VT0iXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTIxLCItIl0sWy0zMSwiZmFsc2UiXSxbLTM4LCJpLC0xLC0xLDYzLDAsMTgsMCwyMCwyNTAsNjMsLTEsMCwsMTc0NCwyODE4LDI4MTkiXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWy01NywiUzNsUlRVMUpTZ01XRmx4TVZsc1hXRXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZnc0xEVjhCREFvSkMxaFlDMXNQWEZvS0NWaFlXZ0JZQVF4ZFdBdGFXMThBRjFOS0F3Z0REd3NMQVFzVkRnZ0FGazBYWEVGSlZrdE5TaFlGZVZGTlRVbEtBeFlXWEV4V1d4ZFlTazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3c05Yd0VNQ2drTFdGZ0xXdzljV2dvSldGaGFBRmdCREYxWUMxcGJYd0FYVTBvRENBTVBDdzBPQVJWS1hFMXRVRlJjVmt4TkdWRllWMTFWWEVzVERnZ0FGazBYWEVGSlZrdE5TaFlGZVZGTlRVbEtBeFlXWEV4V1d4ZFlTazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3PT0iXSxbLTQsIi0iXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTQ4LCJbXCItXCIsXCItXCIsXCItXCJdIl0sWy02MywiLSJdLFstMTAsIi0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjQsbnVsbF0iXSxbLTIwLCItIl0sWy00OSwiLSJdLFstNTMsIjAwMSJdLFstMSwiTGludXggeDg2XzY0Il0sWy02NSwiLSJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTAxMTAwMDAwMDEwIl0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy03LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTY2LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWyJibmNoIiwxMjYzXSxbLTMyLCIwIl0sWy0zNywiLSJdLFstNTAsIi0iXSxbLTY0LCItIl0sWy02OSwiTGludXggeDg2XzY0fHx8NDh8LXwtIl0sWy0xNywiNDgiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsNSx0cnVlLGZhbHNlLG51bGwsMCxmYWxzZSxmYWxzZV0iXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEwMDEwMDAwMDEwMDAwMDAwMDAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy0yLCIxMCxJc045bkduV2JBWUFJeE5mUWFPcUdFMENGQVFzY0cwMEluaE9iWUJBS1lVT3pRTzZFWDAyMEltR0xjdTYydXJkUC9jMmQycE5tVlpBd2YzLy84ejc5R3JIYTFXdTNPbVhQUHZlIl0sWy01LCItIl0sWy0xNCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzQsIi0iXSxbLTUxLCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTY4LCItIl0sWy00MCwiMzciXSxbLTU1LCIwIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTIzLCIrIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zNSwiWzE3NDUzNTk0Mzg3NzQsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNTIsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTY3LCItIl0sWy03MCwiLSJdLFstMzMsIi0iXSxbLTQxLCItIl0sWy00NiwiMCJdLFsiZGRiIiwiMCwxMCwwLDEsMCwxNCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDEsMCwwLDAsMiwwLDAsMCwwLDAsNCwxLDksNzYsMCwwLDAsMiwwLDAsMCwxLDAsMCwwLDAsNywwLDAsMSwwLDAsMCwwLDAsMCwwLDExLDEsMCwwIl0sWyJjYiIsIjQsMSwwLDAsMCwwLDAsMSwwLDcsMjQsMCwyODMsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDIsMCwwLDAsMCwxMSwwLDcsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDE0LDAsMCwwLDEiXV0%3D&dep=0&pre=0&sdd=&cri=GsTTbKrANu&pto=3162&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1745359438.15b1pcBAELWTIOEc&suid=1.1745359438.3z7KqS7qy72jpxvU&tuid=1.1745359438.sAYX7Cf9Yv2foY0u&fbc=->m=-&it=12%2C855%2C207&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D IP3.248.162.96:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerZeroSSL Subject*.astarsbuilding.com FingerprintCD:97:8B:26:8F:44:36:BF:15:6E:E5:CB:05:4C:8D:F5:F1:0C:F2:54 ValidityThu, 27 Mar 2025 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (3501), with no line terminators Hash5ea898ed07ea205e1fc52a94d182603d fa9f3e09ea1e4ee0b5d74770c8d8da23fdd040aa 3d071dedf96265334758e714e76b3d0ad90e69c0d499d93e3f333333888f9781
GET /ct?id=80705&url=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410&sf=0&tpi=&ch=AdsDeli%20-%20domain%20-%20landingpage&uvid=b509acb1993ee1b589464ec0ad12ab32dfdbf667&tsf=0&tsfmi=&tsfu=&cb=1745359438785&hl=2&op=0&ag=2881387774&rand=239225010560910501582911225087257155121722916866601158951071920502786915518160390710502&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDkyNzRdLFsiYWJuY2giLDMxXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcIm1lc2FcIixcInJcIjpcImxsdm1waXBlXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjBcIixcImd2ZW5cIjpcIm1vemlsbGFcIixcImJlblwiOjI3NyxcIndnbFwiOjEsXCJncmVuXCI6XCJsbHZtcGlwZVwiLFwic2VmXCI6NDk0MTk1MDQzLFwic2VjXCI6XCJcIn0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTksIi0iXSxbLTgsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstNiwie1wid1wiOltcIjBcIixcIk5vdGlmeVBhaW50RXZlbnRcIixcInVzaWRcIixcInV0aWRcIixcInBhdGhcIixcImdldEdQVVZlbmRvclwiLFwidGNibG9ja1wiLFwic2VhcmNoYm94QmxvY2tcIixcImdldFhNTGh0dHBcIixcImFqYXhRdWVyeVwiLFwiYWpheEJhY2tmaWxsXCIsXCJsb2FkRmVlZFwiLFwieG1sSHR0cFwiLFwibHNcIixcImdldExvYWRGZWVkQXJndW1lbnRzXCIsXCJfX2N0Y2dfY3RfODA3MDVfZXhlY1wiLFwiZ29vZ2xlTkRUX1wiLFwiZ29vZ2xlQWx0TG9hZGVyXCIsXCJnb29nbGVcIixcIl9fc2FzQ29va2llXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstMjksIi0iXSxbLTQ0LCIwLDUsMCw1Il0sWy01OCwiLSJdLFstNzIsIkV4VT0iXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTIxLCItIl0sWy0zMSwiZmFsc2UiXSxbLTM4LCJpLC0xLC0xLDYzLDAsMTgsMCwyMCwyNTAsNjMsLTEsMCwsMTc0NCwyODE4LDI4MTkiXSxbLTU0LCJ7XCJoXCI6W1wiMzI5OTcyODQ1MlwiLFwiODIyODIzMTE5XCIsXCJfM1wiLFwiMjYzOTIyMjQ2OFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMjY0NjAzODgyXCJdLFwic1wiOjF9Il0sWy01NywiUzNsUlRVMUpTZ01XRmx4TVZsc1hXRXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZnc0xEVjhCREFvSkMxaFlDMXNQWEZvS0NWaFlXZ0JZQVF4ZFdBdGFXMThBRjFOS0F3Z0REd3NMQVFzVkRnZ0FGazBYWEVGSlZrdE5TaFlGZVZGTlRVbEtBeFlXWEV4V1d4ZFlTazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3c05Yd0VNQ2drTFdGZ0xXdzljV2dvSldGaGFBRmdCREYxWUMxcGJYd0FYVTBvRENBTVBDdzBPQVJWS1hFMXRVRlJjVmt4TkdWRllWMTFWWEVzVERnZ0FGazBYWEVGSlZrdE5TaFlGZVZGTlRVbEtBeFlXWEV4V1d4ZFlTazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0N3PT0iXSxbLTQsIi0iXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTQ4LCJbXCItXCIsXCItXCIsXCItXCJdIl0sWy02MywiLSJdLFstMTAsIi0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjQsbnVsbF0iXSxbLTIwLCItIl0sWy00OSwiLSJdLFstNTMsIjAwMSJdLFstMSwiTGludXggeDg2XzY0Il0sWy02NSwiLSJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTAxMTAwMDAwMDEwIl0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy03LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTQyLCI4ODMzOTkwMTYiXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTY2LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWyJibmNoIiwxMjYzXSxbLTMyLCIwIl0sWy0zNywiLSJdLFstNTAsIi0iXSxbLTY0LCItIl0sWy02OSwiTGludXggeDg2XzY0fHx8NDh8LXwtIl0sWy0xNywiNDgiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsNSx0cnVlLGZhbHNlLG51bGwsMCxmYWxzZSxmYWxzZV0iXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEwMDEwMDAwMDEwMDAwMDAwMDAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy0yLCIxMCxJc045bkduV2JBWUFJeE5mUWFPcUdFMENGQVFzY0cwMEluaE9iWUJBS1lVT3pRTzZFWDAyMEltR0xjdTYydXJkUC9jMmQycE5tVlpBd2YzLy84ejc5R3JIYTFXdTNPbVhQUHZlIl0sWy01LCItIl0sWy0xNCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzQsIi0iXSxbLTUxLCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTY4LCItIl0sWy00MCwiMzciXSxbLTU1LCIwIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTIzLCIrIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zNSwiWzE3NDUzNTk0Mzg3NzQsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstNTIsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTY3LCItIl0sWy03MCwiLSJdLFstMzMsIi0iXSxbLTQxLCItIl0sWy00NiwiMCJdLFsiZGRiIiwiMCwxMCwwLDEsMCwxNCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDEsMCwwLDAsMiwwLDAsMCwwLDAsNCwxLDksNzYsMCwwLDAsMiwwLDAsMCwxLDAsMCwwLDAsNywwLDAsMSwwLDAsMCwwLDAsMCwwLDExLDEsMCwwIl0sWyJjYiIsIjQsMSwwLDAsMCwwLDAsMSwwLDcsMjQsMCwyODMsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDIsMCwwLDAsMCwxMSwwLDcsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDE0LDAsMCwwLDEiXV0%3D&dep=0&pre=0&sdd=&cri=GsTTbKrANu&pto=3162&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1745359438.15b1pcBAELWTIOEc&suid=1.1745359438.3z7KqS7qy72jpxvU&tuid=1.1745359438.sAYX7Cf9Yv2foY0u&fbc=->m=-&it=12%2C855%2C207&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D HTTP/1.1
Host: obseu.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Tue, 22 Apr 2025 22:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=44d0eaf4140a8ce08859bc8378b2b608; Max-Age=29030400; Path=/; Expires=Tue, 24 Mar 2026 22:03:58 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: https://ww12.njkhsirb3t.com
content-length: 1197
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=2u56gsgxjjpy&cd_fexp=72717108&aqid=ThIIaInAF72hxdwPtcaX-QQ&psid=5837883959&pbt=bv&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=747525664&csala=34%7C0%7C495%7C145%7C347&lle=0&ifv=1&hpt=1 | 216.58.207.238 | 204 No Content | 0 B |
URL GET syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=2u56gsgxjjpy&cd_fexp=72717108&aqid=ThIIaInAF72hxdwPtcaX-QQ&psid=5837883959&pbt=bv&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=747525664&csala=34%7C0%7C495%7C145%7C347&lle=0&ifv=1&hpt=1 IP216.58.207.238:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintC9:3B:A5:26:0C:7E:1A:E6:96:B8:C5:03:1C:2B:2B:5D:F4:4B:1B:C1 ValidityMon, 31 Mar 2025 08:57:49 GMT - Mon, 23 Jun 2025 08:57:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=2u56gsgxjjpy&cd_fexp=72717108&aqid=ThIIaInAF72hxdwPtcaX-QQ&psid=5837883959&pbt=bv&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=747525664&csala=34%7C0%7C495%7C145%7C347&lle=0&ifv=1&hpt=1 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Z5Ih_AGEMpHgkHaJHJO_ZA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 22 Apr 2025 22:04:00 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| obseu.astarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126eebc430e34389959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d86d789527d691fff7c77558f688a62cf0c350c71c05a03583d565d94b86b4777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c784376555af18d24602800f7f8412f88fea02791e00f26197afef0a4929d7ebecfc248b5038e523d65cceb92a9e471d280f061856b4a95b98a260709b0266eaa8e4a3eb580b82dcd54fc02acd7479f50c48a3c9d6c38949c319d21c986e5f28fedeb192bf02bb2bafa3b4d26e886719ab55ea107135094020497dad29b90b2c531887290b298c836ae7c3b6cd4366b8397d116719ea863ac05e0835d9167ef25020b1a8c37b54d84878d79a9a13fc917a5c09edd6a815a4f61bf11565d7d4578cca066a646d1cbc76ae59266e99b29d994e2f371cfe8a7532630c8ec5d65d5bc0e5614dfeaa26cb62788f64eb9b25dee25f56fd12a8006ddba21d50635a6f2806c543c610036025c17aafd8d6cd202b7594f4329fabc53de98180ffca4debabc6fcaf1e0e09bf9adf957523ff3409aab5a68875f781dd563416c6bf77ab36b1ec3efdd7e8c60d63996ad2cc9d5118b2f4a78741076019ddee5dc387e569f114196dbc7bab5985245cdc2cc08eaa81702a7a7412e75ebd29c0f75a52d975e811be43b9e11dec117fbb22ce1d18fa9d92465aea93c61d836eecbd5b90a8e28714f5186625151afa2588be917cf909fcb5cd3c4f65a663034e834c243a803ede869d3205f33037a2b6deb31e39d2117fd36d2adf529cb9b1cc8250ff0422d68c6b78f680fb928aad002d0052d121ee9793e88acd66bd7457ec7d401abdec1edc01f8f1f472816f3743940dccd4e4eb03cfbec9e6edc82fe045c60b035635b518d055ae598ed0403cf212291858d41d5c6e3990c30b031a7153b15de44267fd6d0005d9994a78fa4a019bf7ffa32c93798cc7b849fa47464b4df1e958cb4e495af959879&cri=GsTTbKrANu&ts=371&cb=1745359439157 | 3.248.162.96 | 200 OK | 43 B |
URL GET obseu.astarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126eebc430e34389959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d86d789527d691fff7c77558f688a62cf0c350c71c05a03583d565d94b86b4777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c784376555af18d24602800f7f8412f88fea02791e00f26197afef0a4929d7ebecfc248b5038e523d65cceb92a9e471d280f061856b4a95b98a260709b0266eaa8e4a3eb580b82dcd54fc02acd7479f50c48a3c9d6c38949c319d21c986e5f28fedeb192bf02bb2bafa3b4d26e886719ab55ea107135094020497dad29b90b2c531887290b298c836ae7c3b6cd4366b8397d116719ea863ac05e0835d9167ef25020b1a8c37b54d84878d79a9a13fc917a5c09edd6a815a4f61bf11565d7d4578cca066a646d1cbc76ae59266e99b29d994e2f371cfe8a7532630c8ec5d65d5bc0e5614dfeaa26cb62788f64eb9b25dee25f56fd12a8006ddba21d50635a6f2806c543c610036025c17aafd8d6cd202b7594f4329fabc53de98180ffca4debabc6fcaf1e0e09bf9adf957523ff3409aab5a68875f781dd563416c6bf77ab36b1ec3efdd7e8c60d63996ad2cc9d5118b2f4a78741076019ddee5dc387e569f114196dbc7bab5985245cdc2cc08eaa81702a7a7412e75ebd29c0f75a52d975e811be43b9e11dec117fbb22ce1d18fa9d92465aea93c61d836eecbd5b90a8e28714f5186625151afa2588be917cf909fcb5cd3c4f65a663034e834c243a803ede869d3205f33037a2b6deb31e39d2117fd36d2adf529cb9b1cc8250ff0422d68c6b78f680fb928aad002d0052d121ee9793e88acd66bd7457ec7d401abdec1edc01f8f1f472816f3743940dccd4e4eb03cfbec9e6edc82fe045c60b035635b518d055ae598ed0403cf212291858d41d5c6e3990c30b031a7153b15de44267fd6d0005d9994a78fa4a019bf7ffa32c93798cc7b849fa47464b4df1e958cb4e495af959879&cri=GsTTbKrANu&ts=371&cb=1745359439157 IP3.248.162.96:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerZeroSSL Subject*.astarsbuilding.com FingerprintCD:97:8B:26:8F:44:36:BF:15:6E:E5:CB:05:4C:8D:F5:F1:0C:F2:54 ValidityThu, 27 Mar 2025 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashdb04c7b378cb2db912c3ba8a5a774ee3 dee34bd86c3484d31002182aa2b7caa4699126b8 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126eebc430e34389959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674d86d789527d691fff7c77558f688a62cf0c350c71c05a03583d565d94b86b4777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c784376555af18d24602800f7f8412f88fea02791e00f26197afef0a4929d7ebecfc248b5038e523d65cceb92a9e471d280f061856b4a95b98a260709b0266eaa8e4a3eb580b82dcd54fc02acd7479f50c48a3c9d6c38949c319d21c986e5f28fedeb192bf02bb2bafa3b4d26e886719ab55ea107135094020497dad29b90b2c531887290b298c836ae7c3b6cd4366b8397d116719ea863ac05e0835d9167ef25020b1a8c37b54d84878d79a9a13fc917a5c09edd6a815a4f61bf11565d7d4578cca066a646d1cbc76ae59266e99b29d994e2f371cfe8a7532630c8ec5d65d5bc0e5614dfeaa26cb62788f64eb9b25dee25f56fd12a8006ddba21d50635a6f2806c543c610036025c17aafd8d6cd202b7594f4329fabc53de98180ffca4debabc6fcaf1e0e09bf9adf957523ff3409aab5a68875f781dd563416c6bf77ab36b1ec3efdd7e8c60d63996ad2cc9d5118b2f4a78741076019ddee5dc387e569f114196dbc7bab5985245cdc2cc08eaa81702a7a7412e75ebd29c0f75a52d975e811be43b9e11dec117fbb22ce1d18fa9d92465aea93c61d836eecbd5b90a8e28714f5186625151afa2588be917cf909fcb5cd3c4f65a663034e834c243a803ede869d3205f33037a2b6deb31e39d2117fd36d2adf529cb9b1cc8250ff0422d68c6b78f680fb928aad002d0052d121ee9793e88acd66bd7457ec7d401abdec1edc01f8f1f472816f3743940dccd4e4eb03cfbec9e6edc82fe045c60b035635b518d055ae598ed0403cf212291858d41d5c6e3990c30b031a7153b15de44267fd6d0005d9994a78fa4a019bf7ffa32c93798cc7b849fa47464b4df1e958cb4e495af959879&cri=GsTTbKrANu&ts=371&cb=1745359439157 HTTP/1.1
Host: obseu.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Cookie: cg_uuid=44d0eaf4140a8ce08859bc8378b2b608
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Tue, 22 Apr 2025 22:03:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=zayr3oe9hldd&cd_fexp=72717108&aqid=ThIIaInAF72hxdwPtcaX-QQ&psid=5837883959&pbt=bs&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=747525664&csala=34%7C0%7C495%7C145%7C347&lle=0&ifv=1&hpt=1 | 216.58.207.238 | 204 No Content | 0 B |
URL GET syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=zayr3oe9hldd&cd_fexp=72717108&aqid=ThIIaInAF72hxdwPtcaX-QQ&psid=5837883959&pbt=bs&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=747525664&csala=34%7C0%7C495%7C145%7C347&lle=0&ifv=1&hpt=1 IP216.58.207.238:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintC9:3B:A5:26:0C:7E:1A:E6:96:B8:C5:03:1C:2B:2B:5D:F4:4B:1B:C1 ValidityMon, 31 Mar 2025 08:57:49 GMT - Mon, 23 Jun 2025 08:57:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=zayr3oe9hldd&cd_fexp=72717108&aqid=ThIIaInAF72hxdwPtcaX-QQ&psid=5837883959&pbt=bs&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=747525664&csala=34%7C0%7C495%7C145%7C347&lle=0&ifv=1&hpt=1 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-u5ngNtPBNAPLA0JGIIA4XA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 22 Apr 2025 22:04:00 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| obseu.astarsbuilding.com/mon | 3.248.162.96 | 200 OK | 0 B |
URL POST obseu.astarsbuilding.com/mon IP3.248.162.96:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerZeroSSL Subject*.astarsbuilding.com FingerprintCD:97:8B:26:8F:44:36:BF:15:6E:E5:CB:05:4C:8D:F5:F1:0C:F2:54 ValidityThu, 27 Mar 2025 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1755
Origin: https://ww12.njkhsirb3t.com
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Cookie: cg_uuid=44d0eaf4140a8ce08859bc8378b2b608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.njkhsirb3t.com
content-type: application/json
date: Tue, 22 Apr 2025 22:04:09 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| obseu.astarsbuilding.com/mon | 3.248.162.96 | 200 OK | 0 B |
URL POST obseu.astarsbuilding.com/mon IP3.248.162.96:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerZeroSSL Subject*.astarsbuilding.com FingerprintCD:97:8B:26:8F:44:36:BF:15:6E:E5:CB:05:4C:8D:F5:F1:0C:F2:54 ValidityThu, 27 Mar 2025 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1755
Origin: https://ww12.njkhsirb3t.com
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Cookie: cg_uuid=44d0eaf4140a8ce08859bc8378b2b608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.njkhsirb3t.com
content-type: application/json
date: Tue, 22 Apr 2025 22:04:14 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true | 142.250.74.68 | 200 OK | 144 kB |
URL GET www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true IP142.250.74.68:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerGoogle Trust Services Subjectwww.google.com FingerprintD0:D7:4C:27:9F:7B:15:26:DB:1E:8C:54:8C:59:28:47:E4:A8:63:68 ValidityMon, 31 Mar 2025 08:56:27 GMT - Mon, 23 Jun 2025 08:56:26 GMT
File typeJavaScript source, ASCII text, with very long lines (1839) Size144 kB (144019 bytes) Hash97e89d8ec8ce7fc75b0a9dca6c5d7a02 028794a73993db1926c899f182f5e756931d262c 03134bffc7423a6fd9a1ebe89aafa2509d7b787bb70bc936443a4c23accc1783
GET /adsense/domains/caf.js?abp=1&adsdeli=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 22 Apr 2025 22:03:57 GMT
expires: Tue, 22 Apr 2025 22:03:57 GMT
cache-control: private, max-age=3600
etag: "12479839741467696111"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket102%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.wneaPV7VBTW4jyFN_hShFNmZRjWdEM8opyM-l3kohZVHkY4vk4q_iw.b1mQZx0iWJk0MN_LlHkB9Q.7lsyCjHUcQwD5GE4TOuzuSPBr2-Q53QX6PvCoIPlW0ozwMOfjAOwcfge0EzGoAuqe_M_MMCKt9AnpCI8XT7jaAP6bl9HQ-QXpiw-fvCct3eb9dJDxm6Bg9Li11nFC7OUb3w9gPrgjpm-KqKDpad08jO4W9dx95DB2AfziwUNns6wo8TZUw11G4IptNnmYhtiO-Yy1Inn0Rf0opuqoFv0pZ2bvTWjgoCAuQuMrPNmhrQqMtM5P9EKdrRJsBPgQl98f9_VS1t0LdB80UqWq4c2gsmgBbAzQ5k2t29YJUZAT5yEmeZB1hINfteIvRo3B7wI4UjxRP4agIWaOY-_luMlZ0iWPA7oAC_nXkYvCJwAcAr9EgpFpadFZEWsXQfZq7BOR39o5yDS8q6gmRqj8YVgHR7JxXriONJ_kSZDoVA3kiO4HFHuxHH9vjnDi3sCvMKKh1OLSSmDlq0Uz5s9rclMei0VpjKaQZjdD_8scbbGZ9bwo2VRVzTrlEJjFv2iBHJKCwr_DW1vazlt_liPo6VeaMwGJhvqhhiNY-9l75YjTjntJrqi1ob4036yPfZ_dVfih07jO9kMpgMHJkDCPl9E3bR34IahIClzKHHV5sDhonT7fZptw42x1fDpKau2RzTI.PRd9oipKFQX-PnTDGXKMlQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2249930504083802&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=3861745359438155&num=0&output=afd_ads&domain_name=ww12.njkhsirb3t.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1745359438157&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=747525664&rurl=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410 | 216.58.207.238 | 200 OK | 16 kB |
URL GET syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket102%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.wneaPV7VBTW4jyFN_hShFNmZRjWdEM8opyM-l3kohZVHkY4vk4q_iw.b1mQZx0iWJk0MN_LlHkB9Q.7lsyCjHUcQwD5GE4TOuzuSPBr2-Q53QX6PvCoIPlW0ozwMOfjAOwcfge0EzGoAuqe_M_MMCKt9AnpCI8XT7jaAP6bl9HQ-QXpiw-fvCct3eb9dJDxm6Bg9Li11nFC7OUb3w9gPrgjpm-KqKDpad08jO4W9dx95DB2AfziwUNns6wo8TZUw11G4IptNnmYhtiO-Yy1Inn0Rf0opuqoFv0pZ2bvTWjgoCAuQuMrPNmhrQqMtM5P9EKdrRJsBPgQl98f9_VS1t0LdB80UqWq4c2gsmgBbAzQ5k2t29YJUZAT5yEmeZB1hINfteIvRo3B7wI4UjxRP4agIWaOY-_luMlZ0iWPA7oAC_nXkYvCJwAcAr9EgpFpadFZEWsXQfZq7BOR39o5yDS8q6gmRqj8YVgHR7JxXriONJ_kSZDoVA3kiO4HFHuxHH9vjnDi3sCvMKKh1OLSSmDlq0Uz5s9rclMei0VpjKaQZjdD_8scbbGZ9bwo2VRVzTrlEJjFv2iBHJKCwr_DW1vazlt_liPo6VeaMwGJhvqhhiNY-9l75YjTjntJrqi1ob4036yPfZ_dVfih07jO9kMpgMHJkDCPl9E3bR34IahIClzKHHV5sDhonT7fZptw42x1fDpKau2RzTI.PRd9oipKFQX-PnTDGXKMlQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2249930504083802&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=3861745359438155&num=0&output=afd_ads&domain_name=ww12.njkhsirb3t.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1745359438157&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=747525664&rurl=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410 IP216.58.207.238:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintC9:3B:A5:26:0C:7E:1A:E6:96:B8:C5:03:1C:2B:2B:5D:F4:4B:1B:C1 ValidityMon, 31 Mar 2025 08:57:49 GMT - Mon, 23 Jun 2025 08:57:48 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (15367) Hash3b0b8cff5f4a517959261f3a9efc67c4 805112f7900f677f48d4642650902b592cb8d4ba 67d54168c241165ed156872ef516c534d0b92dbd81b99bfea80d2af7f8206ed5
GET /afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket102%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.wneaPV7VBTW4jyFN_hShFNmZRjWdEM8opyM-l3kohZVHkY4vk4q_iw.b1mQZx0iWJk0MN_LlHkB9Q.7lsyCjHUcQwD5GE4TOuzuSPBr2-Q53QX6PvCoIPlW0ozwMOfjAOwcfge0EzGoAuqe_M_MMCKt9AnpCI8XT7jaAP6bl9HQ-QXpiw-fvCct3eb9dJDxm6Bg9Li11nFC7OUb3w9gPrgjpm-KqKDpad08jO4W9dx95DB2AfziwUNns6wo8TZUw11G4IptNnmYhtiO-Yy1Inn0Rf0opuqoFv0pZ2bvTWjgoCAuQuMrPNmhrQqMtM5P9EKdrRJsBPgQl98f9_VS1t0LdB80UqWq4c2gsmgBbAzQ5k2t29YJUZAT5yEmeZB1hINfteIvRo3B7wI4UjxRP4agIWaOY-_luMlZ0iWPA7oAC_nXkYvCJwAcAr9EgpFpadFZEWsXQfZq7BOR39o5yDS8q6gmRqj8YVgHR7JxXriONJ_kSZDoVA3kiO4HFHuxHH9vjnDi3sCvMKKh1OLSSmDlq0Uz5s9rclMei0VpjKaQZjdD_8scbbGZ9bwo2VRVzTrlEJjFv2iBHJKCwr_DW1vazlt_liPo6VeaMwGJhvqhhiNY-9l75YjTjntJrqi1ob4036yPfZ_dVfih07jO9kMpgMHJkDCPl9E3bR34IahIClzKHHV5sDhonT7fZptw42x1fDpKau2RzTI.PRd9oipKFQX-PnTDGXKMlQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2249930504083802&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=3861745359438155&num=0&output=afd_ads&domain_name=ww12.njkhsirb3t.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1745359438157&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=747525664&rurl=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Tue, 22 Apr 2025 22:03:58 GMT
expires: Tue, 22 Apr 2025 22:03:58 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-S3PIn2cITn4ya3s2b4prCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 3498
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/adsense/domains/caf.js | 216.58.207.238 | 200 OK | 144 kB |
URL GET syndicatedsearch.goog/adsense/domains/caf.js IP216.58.207.238:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket102%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.wneaPV7VBTW4jyFN_hShFNmZRjWdEM8opyM-l3kohZVHkY4vk4q_iw.b1mQZx0iWJk0MN_LlHkB9Q.7lsyCjHUcQwD5GE4TOuzuSPBr2-Q53QX6PvCoIPlW0ozwMOfjAOwcfge0EzGoAuqe_M_MMCKt9AnpCI8XT7jaAP6bl9HQ-QXpiw-fvCct3eb9dJDxm6Bg9Li11nFC7OUb3w9gPrgjpm-KqKDpad08jO4W9dx95DB2AfziwUNns6wo8TZUw11G4IptNnmYhtiO-Yy1Inn0Rf0opuqoFv0pZ2bvTWjgoCAuQuMrPNmhrQqMtM5P9EKdrRJsBPgQl98f9_VS1t0LdB80UqWq4c2gsmgBbAzQ5k2t29YJUZAT5yEmeZB1hINfteIvRo3B7wI4UjxRP4agIWaOY-_luMlZ0iWPA7oAC_nXkYvCJwAcAr9EgpFpadFZEWsXQfZq7BOR39o5yDS8q6gmRqj8YVgHR7JxXriONJ_kSZDoVA3kiO4HFHuxHH9vjnDi3sCvMKKh1OLSSmDlq0Uz5s9rclMei0VpjKaQZjdD_8scbbGZ9bwo2VRVzTrlEJjFv2iBHJKCwr_DW1vazlt_liPo6VeaMwGJhvqhhiNY-9l75YjTjntJrqi1ob4036yPfZ_dVfih07jO9kMpgMHJkDCPl9E3bR34IahIClzKHHV5sDhonT7fZptw42x1fDpKau2RzTI.PRd9oipKFQX-PnTDGXKMlQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2249930504083802&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=3861745359438155&num=0&output=afd_ads&domain_name=ww12.njkhsirb3t.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1745359438157&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=747525664&rurl=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintC9:3B:A5:26:0C:7E:1A:E6:96:B8:C5:03:1C:2B:2B:5D:F4:4B:1B:C1 ValidityMon, 31 Mar 2025 08:57:49 GMT - Mon, 23 Jun 2025 08:57:48 GMT
File typeJavaScript source, ASCII text, with very long lines (1839) Size144 kB (144026 bytes) Hashe76549201cee7be54dbaefb4d0678dc6 7eb929de9c05a681f16cd9210d3e233592f377f6 f38f5ea1fd5e58cd2599bd166c05c013b59a05e08d07a755d39e15bd84c75351
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 22 Apr 2025 22:03:58 GMT
expires: Tue, 22 Apr 2025 22:03:58 GMT
cache-control: private, max-age=3600
etag: "5510323284664303165"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff | 142.250.74.33 | 200 OK | 391 B |
URL GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP142.250.74.33:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket102%2Cbucket077&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.wneaPV7VBTW4jyFN_hShFNmZRjWdEM8opyM-l3kohZVHkY4vk4q_iw.b1mQZx0iWJk0MN_LlHkB9Q.7lsyCjHUcQwD5GE4TOuzuSPBr2-Q53QX6PvCoIPlW0ozwMOfjAOwcfge0EzGoAuqe_M_MMCKt9AnpCI8XT7jaAP6bl9HQ-QXpiw-fvCct3eb9dJDxm6Bg9Li11nFC7OUb3w9gPrgjpm-KqKDpad08jO4W9dx95DB2AfziwUNns6wo8TZUw11G4IptNnmYhtiO-Yy1Inn0Rf0opuqoFv0pZ2bvTWjgoCAuQuMrPNmhrQqMtM5P9EKdrRJsBPgQl98f9_VS1t0LdB80UqWq4c2gsmgBbAzQ5k2t29YJUZAT5yEmeZB1hINfteIvRo3B7wI4UjxRP4agIWaOY-_luMlZ0iWPA7oAC_nXkYvCJwAcAr9EgpFpadFZEWsXQfZq7BOR39o5yDS8q6gmRqj8YVgHR7JxXriONJ_kSZDoVA3kiO4HFHuxHH9vjnDi3sCvMKKh1OLSSmDlq0Uz5s9rclMei0VpjKaQZjdD_8scbbGZ9bwo2VRVzTrlEJjFv2iBHJKCwr_DW1vazlt_liPo6VeaMwGJhvqhhiNY-9l75YjTjntJrqi1ob4036yPfZ_dVfih07jO9kMpgMHJkDCPl9E3bR34IahIClzKHHV5sDhonT7fZptw42x1fDpKau2RzTI.PRd9oipKFQX-PnTDGXKMlQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2249930504083802&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=3861745359438155&num=0&output=afd_ads&domain_name=ww12.njkhsirb3t.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1745359438157&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=747525664&rurl=https%3A%2F%2Fww12.njkhsirb3t.com%2F%3Fusid%3D25%26utid%3D10280164410 CertificateIssuerGoogle Trust Services Subject*.googleusercontent.com Fingerprint66:19:DE:95:18:3E:90:8D:7D:31:50:9A:E3:F7:2D:9D:D6:7D:A7:F8 ValidityMon, 31 Mar 2025 08:55:39 GMT - Mon, 23 Jun 2025 08:55:38 GMT
File typeSVG Scalable Vector Graphics image Hash8959ddcd9712196961d93f58064ed655 62ab1e38e7e9fbf58a04381b76c2d96a9c829f24 17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Apr 2025 15:28:25 GMT
expires: Wed, 23 Apr 2025 14:28:25 GMT
cache-control: public, max-age=82800
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 23734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| obseu.astarsbuilding.com/mon | 3.248.162.96 | 200 OK | 0 B |
URL POST obseu.astarsbuilding.com/mon IP3.248.162.96:443
Requested byhttps://ww12.njkhsirb3t.com/?usid=25&utid=10280164410 CertificateIssuerZeroSSL Subject*.astarsbuilding.com FingerprintCD:97:8B:26:8F:44:36:BF:15:6E:E5:CB:05:4C:8D:F5:F1:0C:F2:54 ValidityThu, 27 Mar 2025 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.astarsbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1752
Origin: https://ww12.njkhsirb3t.com
DNT: 1
Connection: keep-alive
Referer: https://ww12.njkhsirb3t.com/
Cookie: cg_uuid=44d0eaf4140a8ce08859bc8378b2b608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.njkhsirb3t.com
content-type: application/json
date: Tue, 22 Apr 2025 22:04:02 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|