| euob.seaskydvd.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js | 54.240.174.69 | 200 OK | 111 kB |
URL GET euob.seaskydvd.com/sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js IP 54.240.174.69:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Amazon Subject *.seaskydvd.com Fingerprint 5D:E2:D2:FB:0A:F9:91:11:96:63:07:24:64:47:1E:C8:64:72:1A:12 Validity Tue, 18 Jun 2024 00:00:00 GMT - Fri, 18 Jul 2025 23:59:59 GMT
Size 111 kB (111069 bytes) Hash f7b4ab1bebbca49be5bb7203095d0cb5 7a2f171f01f5239e5569976623b0b21fc106c636 558beae89b8830d8e7a0b09d6d901447cce591552e91c3fde0a2f682eddabe92
GET /sxp/i/224f85302aa2b6ec30aac9a85da2cbf9.js HTTP/1.1
Host: euob.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 40716
content-encoding: gzip
server: Caddy
date: Mon, 07 Apr 2025 00:50:59 GMT
cache-control: max-age=43200
expires: Mon, 07 Apr 2025 12:50:39 GMT
etag: "1b1dd-ei8XHwH1I55VaZdmI7CyH8EGxjY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kVPEztsvbGiTfPgDytwhSMoXTIYJQOl-7e0YmO0J26u5-j3VnqBVDQ==
age: 13764
X-Firefox-Spdy: h2
|
|
| www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true | 142.250.178.100 | 200 OK | 144 kB |
URL GET www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true IP 142.250.178.100:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Google Trust Services Subject www.google.com Fingerprint 40:5C:81:99:DA:01:36:FE:E4:60:2B:67:51:3D:C2:62:8D:9A:38:47 Validity Thu, 20 Mar 2025 11:20:31 GMT - Thu, 12 Jun 2025 11:20:30 GMT
File type JavaScript source, ASCII text, with very long lines (1831) Size 144 kB (144137 bytes) Hash c2d81b2d79a0037967d0766b34a91cae 1ee3ea6b1a53ce88398cc46ae12cebd45050bfb5 c95dff12e57e5f94bfd3fccc956a36d18b3e4d1af3cb1a6f9e5d86c58cc5e43b
GET /adsense/domains/caf.js?abp=1&adsdeli=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 07 Apr 2025 04:40:03 GMT
expires: Mon, 07 Apr 2025 04:40:03 GMT
cache-control: private, max-age=3600
etag: "16157181307104696654"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ww12.przvgke.biz/munin/a/ls?t=67f35723&token=3a1abbeddbf9214a899418440431303bc5092da1 | 76.223.26.96 | 201 Created | 0 B |
URL GET ww12.przvgke.biz/munin/a/ls?t=67f35723&token=3a1abbeddbf9214a899418440431303bc5092da1 IP 76.223.26.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Let's Encrypt Subject ww12.przvgke.biz Fingerprint 12:68:BD:A0:C8:70:57:20:B3:AD:B8:C9:84:A2:1B:44:B2:90:BF:A5 Validity Wed, 19 Feb 2025 16:02:47 GMT - Tue, 20 May 2025 16:02:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /munin/a/ls?t=67f35723&token=3a1abbeddbf9214a899418440431303bc5092da1 HTTP/1.1
Host: ww12.przvgke.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin:
access-control-max-age: 86400
alt-svc: h3=":50944"; ma=2592000
charset: utf-8
content-type: text/javascript;charset=UTF-8
date: Mon, 07 Apr 2025 04:40:03 GMT
server: Caddy, nginx
status: 201 Created
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_UBXVoNqzVldqgNrqJ7R2GR9zRKp23DwLtsZLlotc6baoLutJq00jeMewblSLfkG6GEaKrUt9sLZL8jpvEsVQ1w==
x-log-success: 67f357235718d51b88008b9b
content-length: 0
X-Firefox-Spdy: h2
|
|
| partner.googleadservices.com/gampad/cookie.js?domain=ww12.przvgke.biz&client=dp-teaminternet04_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2 | 142.250.178.66 | 200 OK | 376 B |
URL GET partner.googleadservices.com/gampad/cookie.js?domain=ww12.przvgke.biz&client=dp-teaminternet04_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2 IP 142.250.178.66:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Google Trust Services Subject *.googleadservices.com Fingerprint D5:49:F7:BC:97:FE:75:B1:34:46:6B:53:27:E1:8B:F5:BB:94:40:F3 Validity Thu, 20 Mar 2025 11:19:29 GMT - Thu, 12 Jun 2025 11:19:28 GMT
File type ASCII text, with very long lines (376), with no line terminators Hash f2182dccd290a18bc4d6e2f8abfca5aa ba08e0964bde55ceea0436e1b174a3a016783d1c 360b36c984b9e6d09fc80ae643821276eba89c36c9b6ef9ec5c378ffcf798c8e
GET /gampad/cookie.js?domain=ww12.przvgke.biz&client=dp-teaminternet04_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 07 Apr 2025 04:40:04 GMT
server: cafe
content-length: 240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| obseu.seaskydvd.com/tracker/tc_imp.gif?e=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&cri=eCnTmLifO1&ts=316&cb=1744000804841 | 3.248.162.96 | 200 OK | 43 B |
URL GET obseu.seaskydvd.com/tracker/tc_imp.gif?e=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&cri=eCnTmLifO1&ts=316&cb=1744000804841 IP 3.248.162.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer ZeroSSL Subject *.seaskydvd.com Fingerprint 83:E6:81:53:64:C2:1C:D9:61:DD:3E:40:EB:D3:E1:18:43:D9:D0:62 Validity Mon, 31 Mar 2025 00:00:00 GMT - Sun, 29 Jun 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1 Hash db04c7b378cb2db912c3ba8a5a774ee3 dee34bd86c3484d31002182aa2b7caa4699126b8 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=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&cri=eCnTmLifO1&ts=316&cb=1744000804841 HTTP/1.1
Host: obseu.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Cookie: cg_uuid=0b065b96407fa40d013a679a1b6cecb1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Mon, 07 Apr 2025 04:40:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
|
|
| obseu.seaskydvd.com/mon | 3.248.162.96 | 200 OK | 0 B |
IP 3.248.162.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer ZeroSSL Subject *.seaskydvd.com Fingerprint 83:E6:81:53:64:C2:1C:D9:61:DD:3E:40:EB:D3:E1:18:43:D9:D0:62 Validity Mon, 31 Mar 2025 00:00:00 GMT - Sun, 29 Jun 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2552
Origin: https://ww12.przvgke.biz
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Cookie: cg_uuid=0b065b96407fa40d013a679a1b6cecb1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.przvgke.biz
content-type: application/json
date: Mon, 07 Apr 2025 04:40:05 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=f5g8nalc9s8p&cd_fexp=72717108&aqid=JFfzZ7XXG7zKjuwPxNHKiQ4&psid=5837883959&pbt=bs&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=740324255&csala=7%7C0%7C398%7C95%7C151&lle=0&ifv=1&hpt=1 | 142.250.178.78 | 204 No Content | 0 B |
URL GET syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=f5g8nalc9s8p&cd_fexp=72717108&aqid=JFfzZ7XXG7zKjuwPxNHKiQ4&psid=5837883959&pbt=bs&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=740324255&csala=7%7C0%7C398%7C95%7C151&lle=0&ifv=1&hpt=1 IP 142.250.178.78:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Google Trust Services Subject syndicatedsearch.goog Fingerprint 40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41 Validity Thu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=f5g8nalc9s8p&cd_fexp=72717108&aqid=JFfzZ7XXG7zKjuwPxNHKiQ4&psid=5837883959&pbt=bs&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=740324255&csala=7%7C0%7C398%7C95%7C151&lle=0&ifv=1&hpt=1 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-kO2dbImaamsqgvQwcoc7IQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Mon, 07 Apr 2025 04:40:06 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| obseu.seaskydvd.com/mon | 3.248.162.96 | 200 OK | 0 B |
IP 3.248.162.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer ZeroSSL Subject *.seaskydvd.com Fingerprint 83:E6:81:53:64:C2:1C:D9:61:DD:3E:40:EB:D3:E1:18:43:D9:D0:62 Validity Mon, 31 Mar 2025 00:00:00 GMT - Sun, 29 Jun 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1769
Origin: https://ww12.przvgke.biz
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Cookie: cg_uuid=0b065b96407fa40d013a679a1b6cecb1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.przvgke.biz
content-type: application/json
date: Mon, 07 Apr 2025 04:40:19 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww12.przvgke.biz/favicon.ico | 76.223.26.96 | 200 OK | 0 B |
URL GET ww12.przvgke.biz/favicon.ico IP 76.223.26.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Let's Encrypt Subject ww12.przvgke.biz Fingerprint 12:68:BD:A0:C8:70:57:20:B3:AD:B8:C9:84:A2:1B:44:B2:90:BF:A5 Validity Wed, 19 Feb 2025 16:02:47 GMT - Tue, 20 May 2025 16:02:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ww12.przvgke.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":50944"; ma=2592000
content-type: image/x-icon
date: Mon, 07 Apr 2025 04:40:04 GMT
etag: "670f7248-0"
last-modified: Wed, 16 Oct 2024 07:59:04 GMT
server: Caddy, nginx
content-length: 0
X-Firefox-Spdy: h2
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff | 142.250.178.97 | 200 OK | 200 B |
URL GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.178.97:443
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.przvgke.biz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.DliAHeQmbtpdLy5DJ2Wi_KMXHjn4_MXxe5bheFkkb--18wQhlCt1uw.4Oa5grzohAGbpda9TVujkQ.YXjIe9Ttnzb9C4ZR4J_C94hcHHSCYq8RWXnRTfYFa4ptUHn3Cxv-1B2VwmPbEcXwInJ5Jmo0s1_DWV3kpGJRulUlTvOkXGj_-BJnfKeiCgRpgefEF8BInz7bE4bZV4fn_jP77LEcYTfo2swREK6KuW9B1g-6NxjLMnVw-tNHlWcUDDkomyS9XjOoLJLBiMmVl6NJJRMXQ2l8nwopLfwOsQYpMF8gNb6kqGZ4-nfxtiw-fCTUoLUbYjjYpGcP63qhGeN86v-7y_7i0Rkn1xh_O-odSuaI5eJbbP4yu9U9UYKNYYUPaVlLztxyy0X8soSpiqMa44Ux9mQsiZvQCU2rT8J6gE7kevBdlbIemyqX0CMDWtCSNdRL6cHvFK8ZhcJhLpxbTPcfDJErUPC8RATLyAd1zuKLg62cWu2Xh2shzBZlvNrC6vAOM_61qMG2lHOx1eLLQvBrXa00gwAgnnL5LHooArtyJ5ILo1nSfpsL8XfiNtNnlJ5SeEOQfeDmk6WaBkNqMor_ZwiE5SVItcwl2BlsrZhwpFoOmTGrJq5PcGF_y33NJhor66PqvIYTq-XfGh28WUYzVtTtyTPwsFn33WMSZ16LgocimNTNj6b4cf5Rg4NGIBiE7om0AY1xp0wiSVdaBUpsQL9z5UtJd_SdGQ.zzPhFcnyQ2GQURgJB0FVpQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=9361744000804272&num=0&output=afd_ads&domain_name=ww12.przvgke.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744000804274&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499 Certificate Issuer Google Trust Services Subject *.googleusercontent.com Fingerprint 85:BF:6A:5F:09:9C:AA:F5:8D:3B:2E:65:D1:16:4F:7F:03:2D:A8:DD Validity Thu, 20 Mar 2025 11:19:41 GMT - Thu, 12 Jun 2025 11:19:40 GMT
File type SVG Scalable Vector Graphics image Hash 11b3089d616633ca6b73b57aa877eeb4 07632f63e06b30d9b63c97177d3a8122629bda9b 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Apr 2025 00:20:03 GMT
expires: Mon, 07 Apr 2025 23:20:03 GMT
cache-control: public, max-age=82800
age: 15602
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=8k6sn728ouho&cd_fexp=72717108&aqid=JFfzZ7XXG7zKjuwPxNHKiQ4&psid=5837883959&pbt=bv&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=740324255&csala=7%7C0%7C398%7C95%7C151&lle=0&ifv=1&hpt=1 | 142.250.178.78 | 204 No Content | 0 B |
URL GET syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=8k6sn728ouho&cd_fexp=72717108&aqid=JFfzZ7XXG7zKjuwPxNHKiQ4&psid=5837883959&pbt=bv&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=740324255&csala=7%7C0%7C398%7C95%7C151&lle=0&ifv=1&hpt=1 IP 142.250.178.78:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Google Trust Services Subject syndicatedsearch.goog Fingerprint 40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41 Validity Thu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=8k6sn728ouho&cd_fexp=72717108&aqid=JFfzZ7XXG7zKjuwPxNHKiQ4&psid=5837883959&pbt=bv&adbx=375&adby=170.1999969482422&adbh=498&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=740324255&csala=7%7C0%7C398%7C95%7C151&lle=0&ifv=1&hpt=1 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Uv6zAi4MG34BIPl1uiOxuQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Mon, 07 Apr 2025 04:40:06 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| obseu.seaskydvd.com/mon | 3.248.162.96 | 200 OK | 0 B |
IP 3.248.162.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer ZeroSSL Subject *.seaskydvd.com Fingerprint 83:E6:81:53:64:C2:1C:D9:61:DD:3E:40:EB:D3:E1:18:43:D9:D0:62 Validity Mon, 31 Mar 2025 00:00:00 GMT - Sun, 29 Jun 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1766
Origin: https://ww12.przvgke.biz
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Cookie: cg_uuid=0b065b96407fa40d013a679a1b6cecb1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.przvgke.biz
content-type: application/json
date: Mon, 07 Apr 2025 04:40:07 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| obseu.seaskydvd.com/mon | 3.248.162.96 | 200 OK | 0 B |
IP 3.248.162.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer ZeroSSL Subject *.seaskydvd.com Fingerprint 83:E6:81:53:64:C2:1C:D9:61:DD:3E:40:EB:D3:E1:18:43:D9:D0:62 Validity Mon, 31 Mar 2025 00:00:00 GMT - Sun, 29 Jun 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1769
Origin: https://ww12.przvgke.biz
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Cookie: cg_uuid=0b065b96407fa40d013a679a1b6cecb1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.przvgke.biz
content-type: application/json
date: Mon, 07 Apr 2025 04:40:14 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 | 76.223.26.96 | 200 OK | 17 kB |
URL User Request GET ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 IP 76.223.26.96:443
Certificate Issuer Let's Encrypt Subject ww12.przvgke.biz Fingerprint 12:68:BD:A0:C8:70:57:20:B3:AD:B8:C9:84:A2:1B:44:B2:90:BF:A5 Validity Wed, 19 Feb 2025 16:02:47 GMT - Tue, 20 May 2025 16:02:46 GMT
File type HTML document, ASCII text, with very long lines (9180) Hash deeb78a158c1358afb7b5696a29287d5 fa6316bf5f57d3dd34e61aa49ac2eeb062bcf60f 140acd2e362340186cdffdcea6d933f6ee067b745f56b36c239d84438c17ea82
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /nrmuekqisroucom?usid=26&utid=11597241499 HTTP/1.1
Host: ww12.przvgke.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":50944"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 07 Apr 2025 04:40:03 GMT
server: Caddy, nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BkMu1ZGuZ514OeKFhz9TC+1IFOz2a8CPzwNgALNNgo5UGdZk7i7NsoFTVfBGdhl62pFaqFxRFMQX7ygESA0Jig==
x-buckets: bucket003,bucket077
x-domain: przvgke.biz
x-language: norwegian
x-pcrew-blocked-reason: hosting network
x-pcrew-ip-organization: Blix Solutions
x-subdomain: ww12
x-template: tpl_CleanPeppermintBlack_twoclick
X-Firefox-Spdy: h2
|
|
| parking3.parklogic.com/page/enhance.js?pcId=12&domain=przvgke.biz | 172.232.7.47 | 200 OK | 2.3 kB |
URL GET parking3.parklogic.com/page/enhance.js?pcId=12&domain=przvgke.biz IP 172.232.7.47:443
ASN#63949 Akamai Connected Cloud
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Let's Encrypt Subject enhance-lb01.parklogic.com Fingerprint A9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51 Validity Mon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT
File type JavaScript source, ASCII text, with very long lines (465) Hash d3205a7f1e37b25eb18cc1bbac84ea8e a7da5e3cc8aca87572981b69ae7074043ec53455 77c8e0f4385786dce0d63ac1b7556975ace927aca63b0416db09d2e2b603bcd6
GET /page/enhance.js?pcId=12&domain=przvgke.biz HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Apr 2025 04:40:03 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ww12.przvgke.biz/munin/a/tr/browserjs?domain=przvgke.biz&toggle=browserjs&uid=MTc0NDAwMDgwMy4wNDM5Ojk1MDQxNjhjNzk1OGYyZjgzNDI5ZGNhMDMyM2FiNTgyYWIxNzM1NjA3Zjc5MTI0ODNkM2Y0ZThmNDczZGY0YWY6NjdmMzU3MjMwYWI1OA%3D%3D | 76.223.26.96 | 200 OK | 0 B |
URL GET ww12.przvgke.biz/munin/a/tr/browserjs?domain=przvgke.biz&toggle=browserjs&uid=MTc0NDAwMDgwMy4wNDM5Ojk1MDQxNjhjNzk1OGYyZjgzNDI5ZGNhMDMyM2FiNTgyYWIxNzM1NjA3Zjc5MTI0ODNkM2Y0ZThmNDczZGY0YWY6NjdmMzU3MjMwYWI1OA%3D%3D IP 76.223.26.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Let's Encrypt Subject ww12.przvgke.biz Fingerprint 12:68:BD:A0:C8:70:57:20:B3:AD:B8:C9:84:A2:1B:44:B2:90:BF:A5 Validity Wed, 19 Feb 2025 16:02:47 GMT - Tue, 20 May 2025 16:02:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /munin/a/tr/browserjs?domain=przvgke.biz&toggle=browserjs&uid=MTc0NDAwMDgwMy4wNDM5Ojk1MDQxNjhjNzk1OGYyZjgzNDI5ZGNhMDMyM2FiNTgyYWIxNzM1NjA3Zjc5MTI0ODNkM2Y0ZThmNDczZGY0YWY6NjdmMzU3MjMwYWI1OA%3D%3D HTTP/1.1
Host: ww12.przvgke.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
content-type: text/html; charset=UTF-8
date: Mon, 07 Apr 2025 04:40:03 GMT
server: Caddy, nginx
x-custom-track: browserjs
content-length: 0
X-Firefox-Spdy: h2
|
|
| d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png | 54.230.245.138 | 200 OK | 11 kB |
URL GET d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 54.230.245.138:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Amazon Subject *.cloudfront.net Fingerprint 28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 Validity Tue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 11375
server: nginx
date: Sun, 06 Apr 2025 11:05:06 GMT
accept-ranges: bytes
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
etag: "czzekhpxmtxd8rz"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O2j2B1Fc_lgn1skDDbHZNhJ4u-pe_Gmy5wPP3sQgmDzoRMk7D5FS7A==
age: 63297
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.przvgke.biz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.DliAHeQmbtpdLy5DJ2Wi_KMXHjn4_MXxe5bheFkkb--18wQhlCt1uw.4Oa5grzohAGbpda9TVujkQ.YXjIe9Ttnzb9C4ZR4J_C94hcHHSCYq8RWXnRTfYFa4ptUHn3Cxv-1B2VwmPbEcXwInJ5Jmo0s1_DWV3kpGJRulUlTvOkXGj_-BJnfKeiCgRpgefEF8BInz7bE4bZV4fn_jP77LEcYTfo2swREK6KuW9B1g-6NxjLMnVw-tNHlWcUDDkomyS9XjOoLJLBiMmVl6NJJRMXQ2l8nwopLfwOsQYpMF8gNb6kqGZ4-nfxtiw-fCTUoLUbYjjYpGcP63qhGeN86v-7y_7i0Rkn1xh_O-odSuaI5eJbbP4yu9U9UYKNYYUPaVlLztxyy0X8soSpiqMa44Ux9mQsiZvQCU2rT8J6gE7kevBdlbIemyqX0CMDWtCSNdRL6cHvFK8ZhcJhLpxbTPcfDJErUPC8RATLyAd1zuKLg62cWu2Xh2shzBZlvNrC6vAOM_61qMG2lHOx1eLLQvBrXa00gwAgnnL5LHooArtyJ5ILo1nSfpsL8XfiNtNnlJ5SeEOQfeDmk6WaBkNqMor_ZwiE5SVItcwl2BlsrZhwpFoOmTGrJq5PcGF_y33NJhor66PqvIYTq-XfGh28WUYzVtTtyTPwsFn33WMSZ16LgocimNTNj6b4cf5Rg4NGIBiE7om0AY1xp0wiSVdaBUpsQL9z5UtJd_SdGQ.zzPhFcnyQ2GQURgJB0FVpQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=9361744000804272&num=0&output=afd_ads&domain_name=ww12.przvgke.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744000804274&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499 | 142.250.178.78 | 200 OK | 16 kB |
URL GET syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.przvgke.biz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.DliAHeQmbtpdLy5DJ2Wi_KMXHjn4_MXxe5bheFkkb--18wQhlCt1uw.4Oa5grzohAGbpda9TVujkQ.YXjIe9Ttnzb9C4ZR4J_C94hcHHSCYq8RWXnRTfYFa4ptUHn3Cxv-1B2VwmPbEcXwInJ5Jmo0s1_DWV3kpGJRulUlTvOkXGj_-BJnfKeiCgRpgefEF8BInz7bE4bZV4fn_jP77LEcYTfo2swREK6KuW9B1g-6NxjLMnVw-tNHlWcUDDkomyS9XjOoLJLBiMmVl6NJJRMXQ2l8nwopLfwOsQYpMF8gNb6kqGZ4-nfxtiw-fCTUoLUbYjjYpGcP63qhGeN86v-7y_7i0Rkn1xh_O-odSuaI5eJbbP4yu9U9UYKNYYUPaVlLztxyy0X8soSpiqMa44Ux9mQsiZvQCU2rT8J6gE7kevBdlbIemyqX0CMDWtCSNdRL6cHvFK8ZhcJhLpxbTPcfDJErUPC8RATLyAd1zuKLg62cWu2Xh2shzBZlvNrC6vAOM_61qMG2lHOx1eLLQvBrXa00gwAgnnL5LHooArtyJ5ILo1nSfpsL8XfiNtNnlJ5SeEOQfeDmk6WaBkNqMor_ZwiE5SVItcwl2BlsrZhwpFoOmTGrJq5PcGF_y33NJhor66PqvIYTq-XfGh28WUYzVtTtyTPwsFn33WMSZ16LgocimNTNj6b4cf5Rg4NGIBiE7om0AY1xp0wiSVdaBUpsQL9z5UtJd_SdGQ.zzPhFcnyQ2GQURgJB0FVpQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=9361744000804272&num=0&output=afd_ads&domain_name=ww12.przvgke.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744000804274&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499 IP 142.250.178.78:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Google Trust Services Subject syndicatedsearch.goog Fingerprint 40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41 Validity Thu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (15435) Hash 6b33f20c7d89817cb1ce6cd1fb03c8a6 2f9297cd8506c3b8f2430da936e10212a2a28cee e917c444b9e4a1191fe1453d92b63fb893310930fdec6fd749393052f2bb8059
GET /afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.przvgke.biz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.DliAHeQmbtpdLy5DJ2Wi_KMXHjn4_MXxe5bheFkkb--18wQhlCt1uw.4Oa5grzohAGbpda9TVujkQ.YXjIe9Ttnzb9C4ZR4J_C94hcHHSCYq8RWXnRTfYFa4ptUHn3Cxv-1B2VwmPbEcXwInJ5Jmo0s1_DWV3kpGJRulUlTvOkXGj_-BJnfKeiCgRpgefEF8BInz7bE4bZV4fn_jP77LEcYTfo2swREK6KuW9B1g-6NxjLMnVw-tNHlWcUDDkomyS9XjOoLJLBiMmVl6NJJRMXQ2l8nwopLfwOsQYpMF8gNb6kqGZ4-nfxtiw-fCTUoLUbYjjYpGcP63qhGeN86v-7y_7i0Rkn1xh_O-odSuaI5eJbbP4yu9U9UYKNYYUPaVlLztxyy0X8soSpiqMa44Ux9mQsiZvQCU2rT8J6gE7kevBdlbIemyqX0CMDWtCSNdRL6cHvFK8ZhcJhLpxbTPcfDJErUPC8RATLyAd1zuKLg62cWu2Xh2shzBZlvNrC6vAOM_61qMG2lHOx1eLLQvBrXa00gwAgnnL5LHooArtyJ5ILo1nSfpsL8XfiNtNnlJ5SeEOQfeDmk6WaBkNqMor_ZwiE5SVItcwl2BlsrZhwpFoOmTGrJq5PcGF_y33NJhor66PqvIYTq-XfGh28WUYzVtTtyTPwsFn33WMSZ16LgocimNTNj6b4cf5Rg4NGIBiE7om0AY1xp0wiSVdaBUpsQL9z5UtJd_SdGQ.zzPhFcnyQ2GQURgJB0FVpQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=9361744000804272&num=0&output=afd_ads&domain_name=ww12.przvgke.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744000804274&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Mon, 07 Apr 2025 04:40:04 GMT
expires: Mon, 07 Apr 2025 04:40:04 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ZpqSEvoq6ShVF9Uc87HRKQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 3532
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| obseu.seaskydvd.com/ct?id=80705&url=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499&sf=0&tpi=&ch=AdsDeli%20-%20domain%20-%20landingpage&uvid=3a1abbeddbf9214a899418440431303bc5092da1&tsf=0&tsfmi=&tsfu=&cb=1744000804524&hl=2&op=0&ag=2881387774&rand=146111702700291779791661122162612997089805222570870081795111788280712122500506329288159&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=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%3D&dep=0&pre=0&sdd=&cri=eCnTmLifO1&pto=1828&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1744000804.AXHYwk5Ea58a3UWM&suid=1.1744000804.1KOCZr8EH6FcO4Uk&tuid=1.1744000804.JMru717IuNkA4d12&fbc=->m=-&it=10%2C566%2C80&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D | 3.248.162.96 | 200 OK | 3.5 kB |
IP 3.248.162.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer ZeroSSL Subject *.seaskydvd.com Fingerprint 83:E6:81:53:64:C2:1C:D9:61:DD:3E:40:EB:D3:E1:18:43:D9:D0:62 Validity Mon, 31 Mar 2025 00:00:00 GMT - Sun, 29 Jun 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (3529), with no line terminators Hash 7b804c8b912087f02b924d998fe462ec 75a491cb99e2d162e02c295ff80a8b84da5be0a2 a75b06bd06d3f3db37251d98206a9fd10694b30860e7f71b2dad768596c55cbe
GET /ct?id=80705&url=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499&sf=0&tpi=&ch=AdsDeli%20-%20domain%20-%20landingpage&uvid=3a1abbeddbf9214a899418440431303bc5092da1&tsf=0&tsfmi=&tsfu=&cb=1744000804524&hl=2&op=0&ag=2881387774&rand=146111702700291779791661122162612997089805222570870081795111788280712122500506329288159&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=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%3D&dep=0&pre=0&sdd=&cri=eCnTmLifO1&pto=1828&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1744000804.AXHYwk5Ea58a3UWM&suid=1.1744000804.1KOCZr8EH6FcO4Uk&tuid=1.1744000804.JMru717IuNkA4d12&fbc=->m=-&it=10%2C566%2C80&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D HTTP/1.1
Host: obseu.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Mon, 07 Apr 2025 04:40:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=0b065b96407fa40d013a679a1b6cecb1; Max-Age=29030400; Path=/; Expires=Mon, 09 Mar 2026 04:40:04 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: https://ww12.przvgke.biz
content-length: 1202
X-Firefox-Spdy: h2
|
|
| ww12.przvgke.biz/munin/a/tr/answercheck/yes?domain=przvgke.biz&caf=1&toggle=answercheck&answer=yes&uid=MTc0NDAwMDgwMy4wNDM5Ojk1MDQxNjhjNzk1OGYyZjgzNDI5ZGNhMDMyM2FiNTgyYWIxNzM1NjA3Zjc5MTI0ODNkM2Y0ZThmNDczZGY0YWY6NjdmMzU3MjMwYWI1OA%3D%3D | 76.223.26.96 | 200 OK | 0 B |
URL GET ww12.przvgke.biz/munin/a/tr/answercheck/yes?domain=przvgke.biz&caf=1&toggle=answercheck&answer=yes&uid=MTc0NDAwMDgwMy4wNDM5Ojk1MDQxNjhjNzk1OGYyZjgzNDI5ZGNhMDMyM2FiNTgyYWIxNzM1NjA3Zjc5MTI0ODNkM2Y0ZThmNDczZGY0YWY6NjdmMzU3MjMwYWI1OA%3D%3D IP 76.223.26.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Let's Encrypt Subject ww12.przvgke.biz Fingerprint 12:68:BD:A0:C8:70:57:20:B3:AD:B8:C9:84:A2:1B:44:B2:90:BF:A5 Validity Wed, 19 Feb 2025 16:02:47 GMT - Tue, 20 May 2025 16:02:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /munin/a/tr/answercheck/yes?domain=przvgke.biz&caf=1&toggle=answercheck&answer=yes&uid=MTc0NDAwMDgwMy4wNDM5Ojk1MDQxNjhjNzk1OGYyZjgzNDI5ZGNhMDMyM2FiNTgyYWIxNzM1NjA3Zjc5MTI0ODNkM2Y0ZThmNDczZGY0YWY6NjdmMzU3MjMwYWI1OA%3D%3D HTTP/1.1
Host: ww12.przvgke.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499
Cookie: _cq_duid=1.1744000804.AXHYwk5Ea58a3UWM; _cq_suid=1.1744000804.1KOCZr8EH6FcO4Uk; __gsas=ID=71a663e9abe7cb88:T=1744000804:RT=1744000804:S=ALNI_MavgG2CHE5pxVcVkPhY6Bb5wOoQKg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
content-type: text/html; charset=UTF-8
date: Mon, 07 Apr 2025 04:40:04 GMT
server: Caddy, nginx
x-custom-track: answercheck
content-length: 0
X-Firefox-Spdy: h2
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff | 142.250.178.97 | 200 OK | 391 B |
URL GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.178.97:443
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.przvgke.biz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.DliAHeQmbtpdLy5DJ2Wi_KMXHjn4_MXxe5bheFkkb--18wQhlCt1uw.4Oa5grzohAGbpda9TVujkQ.YXjIe9Ttnzb9C4ZR4J_C94hcHHSCYq8RWXnRTfYFa4ptUHn3Cxv-1B2VwmPbEcXwInJ5Jmo0s1_DWV3kpGJRulUlTvOkXGj_-BJnfKeiCgRpgefEF8BInz7bE4bZV4fn_jP77LEcYTfo2swREK6KuW9B1g-6NxjLMnVw-tNHlWcUDDkomyS9XjOoLJLBiMmVl6NJJRMXQ2l8nwopLfwOsQYpMF8gNb6kqGZ4-nfxtiw-fCTUoLUbYjjYpGcP63qhGeN86v-7y_7i0Rkn1xh_O-odSuaI5eJbbP4yu9U9UYKNYYUPaVlLztxyy0X8soSpiqMa44Ux9mQsiZvQCU2rT8J6gE7kevBdlbIemyqX0CMDWtCSNdRL6cHvFK8ZhcJhLpxbTPcfDJErUPC8RATLyAd1zuKLg62cWu2Xh2shzBZlvNrC6vAOM_61qMG2lHOx1eLLQvBrXa00gwAgnnL5LHooArtyJ5ILo1nSfpsL8XfiNtNnlJ5SeEOQfeDmk6WaBkNqMor_ZwiE5SVItcwl2BlsrZhwpFoOmTGrJq5PcGF_y33NJhor66PqvIYTq-XfGh28WUYzVtTtyTPwsFn33WMSZ16LgocimNTNj6b4cf5Rg4NGIBiE7om0AY1xp0wiSVdaBUpsQL9z5UtJd_SdGQ.zzPhFcnyQ2GQURgJB0FVpQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=9361744000804272&num=0&output=afd_ads&domain_name=ww12.przvgke.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744000804274&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499 Certificate Issuer Google Trust Services Subject *.googleusercontent.com Fingerprint 85:BF:6A:5F:09:9C:AA:F5:8D:3B:2E:65:D1:16:4F:7F:03:2D:A8:DD Validity Thu, 20 Mar 2025 11:19:41 GMT - Thu, 12 Jun 2025 11:19:40 GMT
File type SVG Scalable Vector Graphics image Hash 8959ddcd9712196961d93f58064ed655 62ab1e38e7e9fbf58a04381b76c2d96a9c829f24 17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Apr 2025 09:35:52 GMT
expires: Mon, 07 Apr 2025 08:35:52 GMT
cache-control: public, max-age=82800
age: 68653
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| parking3.parklogic.com/page/scribe.php?pcId=12&domain=przvgke.biz&pId=2447&usid=26&utid=11597241499&query=null&domainJs=ww12.przvgke.biz&path=/nrmuekqisroucom&ss=true&lp=1&tzB=UTC&wd=false&gpu=null | 172.232.7.47 | 200 OK | 0 B |
URL GET parking3.parklogic.com/page/scribe.php?pcId=12&domain=przvgke.biz&pId=2447&usid=26&utid=11597241499&query=null&domainJs=ww12.przvgke.biz&path=/nrmuekqisroucom&ss=true&lp=1&tzB=UTC&wd=false&gpu=null IP 172.232.7.47:443
ASN#63949 Akamai Connected Cloud
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer Let's Encrypt Subject enhance-lb01.parklogic.com Fingerprint A9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51 Validity Mon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /page/scribe.php?pcId=12&domain=przvgke.biz&pId=2447&usid=26&utid=11597241499&query=null&domainJs=ww12.przvgke.biz&path=/nrmuekqisroucom&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww12.przvgke.biz/
Origin: https://ww12.przvgke.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Apr 2025 04:40:03 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/adsense/domains/caf.js | 142.250.178.78 | 200 OK | 144 kB |
URL GET syndicatedsearch.goog/adsense/domains/caf.js IP 142.250.178.78:443
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket003%2Cbucket077&client=dp-teaminternet04_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fww12.przvgke.biz%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.DliAHeQmbtpdLy5DJ2Wi_KMXHjn4_MXxe5bheFkkb--18wQhlCt1uw.4Oa5grzohAGbpda9TVujkQ.YXjIe9Ttnzb9C4ZR4J_C94hcHHSCYq8RWXnRTfYFa4ptUHn3Cxv-1B2VwmPbEcXwInJ5Jmo0s1_DWV3kpGJRulUlTvOkXGj_-BJnfKeiCgRpgefEF8BInz7bE4bZV4fn_jP77LEcYTfo2swREK6KuW9B1g-6NxjLMnVw-tNHlWcUDDkomyS9XjOoLJLBiMmVl6NJJRMXQ2l8nwopLfwOsQYpMF8gNb6kqGZ4-nfxtiw-fCTUoLUbYjjYpGcP63qhGeN86v-7y_7i0Rkn1xh_O-odSuaI5eJbbP4yu9U9UYKNYYUPaVlLztxyy0X8soSpiqMa44Ux9mQsiZvQCU2rT8J6gE7kevBdlbIemyqX0CMDWtCSNdRL6cHvFK8ZhcJhLpxbTPcfDJErUPC8RATLyAd1zuKLg62cWu2Xh2shzBZlvNrC6vAOM_61qMG2lHOx1eLLQvBrXa00gwAgnnL5LHooArtyJ5ILo1nSfpsL8XfiNtNnlJ5SeEOQfeDmk6WaBkNqMor_ZwiE5SVItcwl2BlsrZhwpFoOmTGrJq5PcGF_y33NJhor66PqvIYTq-XfGh28WUYzVtTtyTPwsFn33WMSZ16LgocimNTNj6b4cf5Rg4NGIBiE7om0AY1xp0wiSVdaBUpsQL9z5UtJd_SdGQ.zzPhFcnyQ2GQURgJB0FVpQ&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2758074928654248&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=9361744000804272&num=0&output=afd_ads&domain_name=ww12.przvgke.biz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744000804274&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=740324255&rurl=https%3A%2F%2Fww12.przvgke.biz%2Fnrmuekqisroucom%3Fusid%3D26%26utid%3D11597241499 Certificate Issuer Google Trust Services Subject syndicatedsearch.goog Fingerprint 40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41 Validity Thu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT
File type JavaScript source, ASCII text, with very long lines (1831) Size 144 kB (144080 bytes) Hash af13b01438d830fa1c449c18bed4b1fc 557709fbe21fe7b01d46ba1ee46f1582cfa68e13 7fdc65732aa9d04e8cd381759e4d2972d184fd3b8471a2e25a537f2667acff14
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 07 Apr 2025 04:40:04 GMT
expires: Mon, 07 Apr 2025 04:40:04 GMT
cache-control: private, max-age=3600
etag: "2536937284499350584"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| obseu.seaskydvd.com/mon | 3.248.162.96 | 200 OK | 0 B |
IP 3.248.162.96:443
Requested by https://ww12.przvgke.biz/nrmuekqisroucom?usid=26&utid=11597241499 Certificate Issuer ZeroSSL Subject *.seaskydvd.com Fingerprint 83:E6:81:53:64:C2:1C:D9:61:DD:3E:40:EB:D3:E1:18:43:D9:D0:62 Validity Mon, 31 Mar 2025 00:00:00 GMT - Sun, 29 Jun 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obseu.seaskydvd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1766
Origin: https://ww12.przvgke.biz
DNT: 1
Connection: keep-alive
Referer: https://ww12.przvgke.biz/
Cookie: cg_uuid=0b065b96407fa40d013a679a1b6cecb1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ww12.przvgke.biz
content-type: application/json
date: Mon, 07 Apr 2025 04:40:09 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|