Report - Av4.us

Report Overview

Visited public
2025-05-09 15:23:14
Tags
URL
Av4.us
Finishing URL
ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd
IP / ASN
172.233.219.49
#63949 Akamai Connected Cloud
Title
av4.us

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
av4.us	unknown	2015-04-24	2015-05-17	2025-04-19	894 B	5.1 kB	172.233.219.78
parking3.parklogic.com	unknown	2007-02-28	2023-05-10	2025-05-08	1.1 kB	2.7 kB	172.232.7.47
yfdpco.com	unknown	2025-03-03	2025-03-18	2025-05-07	759 B	953 B	208.91.196.46
router.parklogic.com	unknown	2007-02-28	2025-03-19	2025-05-03	482 B	212 B	172.234.216.100
ww12.av4.us	unknown	2015-04-24	2025-02-27	2025-04-19	1.0 kB	3.7 kB	76.223.26.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	av4.us/	ScriptElement	4.2 kB	2025-05-09	2025-05-09
Pretty URL av4.us/ IP 172.233.219.78 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-09 15:23 Last Seen2025-05-09 15:23 Times Seen1 Hash c6cc0e3153a452c7008a508922097eeb 39ac9ffc9e72b81be43bc25533303b8bcf7435ec 99e55a35b54e86bdb39b9d818443687ea806fa625d23598fd162ec11d026315c Loading...

	parking3.parklogic.com/page/enhance.js?pcId=12&domain=av4.us	ScriptElement	2.3 kB	2025-05-09	2025-05-09
Pretty URL parking3.parklogic.com/page/enhance.js?pcId=12&domain=av4.us IP 172.232.7.47 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 15:23 Last Seen2025-05-09 15:23 Times Seen1 Hash fc5530753b9461438708748075c7d878 434cf80c407e0394d38af9ba4a2fda1ca6bd65d8 979925281573412c4709a8da0e27fd5d98b63d896c39b579c8cc2dc400448cc1 Loading...

	ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd	ScriptElement	164 B	2025-03-03	2025-05-14
Pretty URL ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-03 19:06 Last Seen2025-05-14 03:19 Times Seen838 Hash a721fadebac58116f06d5f8f84bcfe5a 413588bc107bd1be0cbd14345fb68c9b8ba14b38 912e5797a8e5f63052f4171a842ef7e90701101824c00a4dab15ce20f67605e0 Loading...

HTTP Transactions (8)

	URL	IP	Response	Size
	av4.us/	172.233.219.78	200 OK	4.2 kB
URL User Request GET av4.us/ IP 172.233.219.78:443 ASN #63949 Akamai Connected Cloud Certificate IssuerLet's Encrypt Subjectav4.us Fingerprint1F:36:F2:FA:FE:0D:32:36:9D:67:2A:DF:78:D8:D3:83:DA:46:14:88 ValiditySun, 27 Apr 2025 21:16:48 GMT - Sat, 26 Jul 2025 21:16:47 GMT File type JavaScript source, ASCII text, with very long lines (4247), with no line terminators Size 4.2 kB (4247 bytes) Hash 9ea9f383d6bb8205cdfed4c570c94c3e 4a458f1d917242aa74fb1535c0cb09354a7aa532 c202aa4aa635148926903f899e5eb7b3f31956344f74a546fd7dd78822fbc3c9 HTTP Headers `GET / HTTP/1.1 Host: av4.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 May 2025 15:22:52 GMT content-type: text/html cache-control: no-store, max-age=0 accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 permissions-policy: ch-ua=(self "https://.parklogic.com"), ch-ua-arch=(self "https://.parklogic.com"), ch-ua-bitness=(self "https://.parklogic.com"), ch-ua-full-version=(self "https://.parklogic.com"), ch-ua-full-version-list=(self "https://.parklogic.com"), ch-ua-mobile=(self "https://.parklogic.com"), ch-ua-model=(self "https://.parklogic.com"), ch-ua-platform=(self "https://.parklogic.com"), ch-ua-platform-version=(self "https://.parklogic.com"), ch-ua-wow64=(self "https://.parklogic.com") content-encoding: gzip X-Firefox-Spdy: h2

	parking3.parklogic.com/page/enhance.js?pcId=12&domain=av4.us	172.232.7.47	200 OK	2.3 kB
URL GET parking3.parklogic.com/page/enhance.js?pcId=12&domain=av4.us IP 172.232.7.47:443 ASN #63949 Akamai Connected Cloud Requested by https://ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd Certificate IssuerLet's Encrypt Subjectenhance-lb01.parklogic.com FingerprintA9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51 ValidityMon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT File type JavaScript source, ASCII text, with very long lines (460) Size 2.3 kB (2337 bytes) Hash fc5530753b9461438708748075c7d878 434cf80c407e0394d38af9ba4a2fda1ca6bd65d8 979925281573412c4709a8da0e27fd5d98b63d896c39b579c8cc2dc400448cc1 HTTP Headers `GET /page/enhance.js?pcId=12&domain=av4.us HTTP/1.1 Host: parking3.parklogic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.av4.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 09 May 2025 15:22:55 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * X-Firefox-Spdy: h2`

	yfdpco.com/sk-park.php?pid=9PO15V947&dn=av4.us&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&requrl=http%3A%2F%2Fww12.av4.us%2F%3Fusid%3D102%26utid%3D80180b945675e719f7db560624d658bd&al=en-US%2Cen%3Bq%3D0.5	208.91.196.46	403 Forbidden	300 B
URL GET yfdpco.com/sk-park.php?pid=9PO15V947&dn=av4.us&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&requrl=http%3A%2F%2Fww12.av4.us%2F%3Fusid%3D102%26utid%3D80180b945675e719f7db560624d658bd&al=en-US%2Cen%3Bq%3D0.5 IP 208.91.196.46:443 ASN #40034 CONFLUENCE-NETWORK-INC Requested by https://ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd Certificate IssuerLet's Encrypt Subjectyfdpco.com Fingerprint1B:A5:AF:00:99:A5:E3:8E:98:84:6D:CE:78:D2:BF:BB:85:9F:7A:99 ValiditySat, 03 May 2025 01:36:28 GMT - Fri, 01 Aug 2025 01:36:27 GMT File type HTML document, ASCII text, with CRLF line terminators Size 300 B (300 bytes) Hash 00a425e445e47487dd83f0fcd7ecba63 55a3c0522a63a5c16d7d3a6f444b61e03ff93dc4 6d49f001e19a4ce469bcd94e2397b9cfba3cad00ef1206a638620a097bd357d3 HTTP Headers GET /sk-park.php?pid=9PO15V947&dn=av4.us&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&requrl=http%3A%2F%2Fww12.av4.us%2F%3Fusid%3D102%26utid%3D80180b945675e719f7db560624d658bd&al=en-US%2Cen%3Bq%3D0.5 HTTP/1.1 Host: yfdpco.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.av4.us/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 403 Forbidden Date: Fri, 09 May 2025 15:22:49 GMT Server: Apache Referrer-Policy: no-referrer-when-downgrade Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com") Content-Length: 300 Keep-Alive: timeout=5, max=120 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	parking3.parklogic.com/page/scribe.php?pcId=12&domain=av4.us&aId=261&pId=2447&usid=102&utid=80180b945675e719f7db560624d658bd&query=null&domainJs=ww12.av4.us&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null	172.232.7.47	200 OK	0 B
URL GET parking3.parklogic.com/page/scribe.php?pcId=12&domain=av4.us&aId=261&pId=2447&usid=102&utid=80180b945675e719f7db560624d658bd&query=null&domainJs=ww12.av4.us&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null IP 172.232.7.47:443 ASN #63949 Akamai Connected Cloud Requested by https://ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd Certificate IssuerLet's Encrypt Subjectenhance-lb01.parklogic.com FingerprintA9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51 ValidityMon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /page/scribe.php?pcId=12&domain=av4.us&aId=261&pId=2447&usid=102&utid=80180b945675e719f7db560624d658bd&query=null&domainJs=ww12.av4.us&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1 Host: parking3.parklogic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ww12.av4.us/ Origin: https://ww12.av4.us DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Fri, 09 May 2025 15:22:56 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	av4.us/favicon.ico	0.0.0.0		0 B
URL GET av4.us/favicon.ico IP 0.0.0.0:0 ASN #0 Requested by https://av4.us/ Certificate IssuerLet's Encrypt Subjectav4.us Fingerprint1F:36:F2:FA:FE:0D:32:36:9D:67:2A:DF:78:D8:D3:83:DA:46:14:88 ValiditySun, 27 Apr 2025 21:16:48 GMT - Sat, 26 Jul 2025 21:16:47 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: av4.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://av4.us/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache`

	router.parklogic.com/	172.234.216.100	200 OK	66 B
URL POST router.parklogic.com/ IP 172.234.216.100:443 ASN #63949 Akamai Connected Cloud Requested by https://av4.us/ Certificate IssuerLet's Encrypt Subjectrouter-lb01.parklogic.com FingerprintF3:F4:E5:93:6E:2E:88:F7:76:2A:C5:7C:FC:83:E7:EA:5F:A8:33:FA ValidityTue, 29 Apr 2025 10:34:22 GMT - Mon, 28 Jul 2025 10:34:21 GMT File type ASCII text, with no line terminators Size 66 B (66 bytes) Hash ca4bac53900b046be9de14d895e22cb2 6ff6178cfd97a23ee321a0045ddc87a9addcda01 032a9c993c39bfbbdb7e11073a0c64d9d6eefb4b27b53413bf618970c5a38289 HTTP Headers `POST / HTTP/1.1 Host: router.parklogic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 328 Origin: https://av4.us DNT: 1 Connection: keep-alive Referer: https://av4.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 09 May 2025 15:22:54 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * X-Firefox-Spdy: h2`

	ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd	76.223.26.96	200 OK	2.6 kB
URL User Request GET ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd IP 76.223.26.96:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjectww12.av4.us FingerprintA0:BC:F3:4D:E9:4D:82:D9:D3:0F:2D:C4:25:1B:8F:90:A6:28:6C:17 ValidityTue, 25 Feb 2025 21:26:13 GMT - Mon, 26 May 2025 21:26:12 GMT File type HTML document, ASCII text, with very long lines (326) Size 2.6 kB (2559 bytes) Hash ef561dfabc5e37ff7eb035f440c11d04 df10b9fd0b1689a8ab067e9b8b3dee9519f1667c 6eb044c6d61614bdf7768bd8db9032c007a83b8e5cf8a0cabc9541c7e1022094 HTTP Headers GET /?usid=102&utid=80180b945675e719f7db560624d658bd HTTP/1.1 Host: ww12.av4.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime: 30 alt-svc: h3=":50944"; ma=2592000 content-encoding: gzip content-type: text/html; charset=UTF-8 date: Fri, 09 May 2025 15:22:55 GMT server: Caddy, nginx vary: Accept-Encoding x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_pMOdnAsADVvcjEw/WG3okYsUw8YJJqirzDMLMWTyjbynyi/zTaSlvmIXuvJpXPwv+9BZWAX8PIgaDO61OCVzIA== x-buckets: bucket003,bucket077 x-domain: av4.us x-language: norwegian x-pcrew-blocked-reason: hosting network x-pcrew-ip-organization: Blix Solutions x-redirect: skenzo x-subdomain: ww12 x-template: tpl_CleanPeppermintBlack_twoclick content-length: 1215 X-Firefox-Spdy: h2

	ww12.av4.us/favicon.ico	76.223.26.96	200 OK	0 B
URL GET ww12.av4.us/favicon.ico IP 76.223.26.96:443 ASN #16509 AMAZON-02 Requested by https://ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd Certificate IssuerLet's Encrypt Subjectww12.av4.us FingerprintA0:BC:F3:4D:E9:4D:82:D9:D3:0F:2D:C4:25:1B:8F:90:A6:28:6C:17 ValidityTue, 25 Feb 2025 21:26:13 GMT - Mon, 26 May 2025 21:26:12 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ww12.av4.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww12.av4.us/?usid=102&utid=80180b945675e719f7db560624d658bd Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK accept-ranges: bytes alt-svc: h3=":50944"; ma=2592000 content-type: image/x-icon date: Fri, 09 May 2025 15:22:55 GMT etag: "670f7248-0" last-modified: Wed, 16 Oct 2024 07:59:04 GMT server: Caddy, nginx content-length: 0 X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST

IP