Report - ww7.enzav.xyz/?usid=18&utid=29008134274

Report Overview

Visitedpublic

2025-01-03 06:12:10

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
parking3.parklogic.com	unknown	2007-02-28	2023-05-10	2025-01-01	1.0 kB	2.6 kB	170.187.143.93
ww7.enzav.xyz	unknown	2023-06-20	2024-07-22	2024-12-14	2.1 kB	45 kB	199.59.243.228
www.google.com	7	1997-09-15	2015-05-10	2025-01-01	426 B	54 kB	142.250.74.68
syndicatedsearch.goog	unknown	2023-04-14	2023-09-25	2025-01-01	3.1 kB	152 kB	216.58.207.238
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2025-01-01	991 B	2.1 kB	142.250.74.33

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-03	medium	enzav.xyz	Sinkholed
2025-01-03	medium	enzav.xyz	Sinkholed
2025-01-03	medium	enzav.xyz	Sinkholed
2025-01-03	medium	enzav.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	ww7.enzav.xyz/biZbCCsVj.js	ScriptElement	36 kB	2024-12-06	2025-02-12
URL ww7.enzav.xyz/biZbCCsVj.js IP / ASN 199.59.243.228 #16509 AMAZON-02 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-06 Last Seen 2025-02-12 Times Seen 779 Size 36 kB (35880 bytes) MD5 f7a0acd3edd96a6773c808df8f2e9da1 SHA1 fb855b53532c232c2f16425926afd10c5bb1d41f SHA256 a907384260a0ffb5ff618773441d0d1865f0eed950d35902381b3d1faf79b704 Format Code Loading...

	www.google.com/adsense/domains/caf.js?abp=1&bodis=true	ScriptElement	147 kB	2024-12-13	2025-01-08
URL www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP / ASN 142.250.74.68 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-13 Last Seen 2025-01-08 Times Seen 2093 Size 147 kB (146817 bytes) MD5 63429518ecac3d4b7a9910e439563d9a SHA1 2a310587df5d8a48caf5627faede24dc3701c2b1 SHA256 0f9755eec4dd786d075295d6508e4e073a180dc75d2678854bf7d13ee19a88c3 Format Code Loading...

	syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol106%2Cpid-bodis-gcontrol424%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.enzav.xyz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D18%26utid%3D29008134274&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=1871735884706103&num=0&output=afd_ads&domain_name=ww7.enzav.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1735884706105&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.enzav.xyz%2F%3Fusid%3D18%26utid%3D29008134274	ScriptElement	610 B	2025-01-03	2025-01-03
URL syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol106%2Cpid-bodis-gcontrol424%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.enzav.xyz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D18%26utid%3D29008134274&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=1871735884706103&num=0&output=afd_ads&domain_name=ww7.enzav.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1735884706105&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.enzav.xyz%2F%3Fusid%3D18%26utid%3D29008134274 IP / ASN 216.58.207.238 #15169 GOOGLE Introduced by ScriptElement Embedded true Resource Info First Seen 2025-01-03 Last Seen 2025-01-03 Times Seen 1 Size 610 B (610 bytes) MD5 9f07fe463296a94d956e7088fe9070e4 SHA1 98ea7db0bc0be9d32d141a6e1e0bd56c986a4689 SHA256 29a7b04bcef0f1dc2bd6b90034113ecacece8370720e86f6968c6f48d68810e8 Format Code Loading...

	syndicatedsearch.goog/adsense/domains/caf.js	ScriptElement	147 kB	2024-12-12	2025-01-09
URL syndicatedsearch.goog/adsense/domains/caf.js IP / ASN 216.58.207.238 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-12 Last Seen 2025-01-09 Times Seen 3781 Size 147 kB (146815 bytes) MD5 819567b938a0e984308065968c76c080 SHA1 4d32c236309b03793c714fd0906464e91a0a1964 SHA256 91e2625103deff2ac8f7999f965cde3b9ef6d979ca790d0056cb6195b036e16a Format Code Loading...

	parking3.parklogic.com/page/enhance.js?pcId=7&&domain=enzav.xyz	ScriptElement	2.3 kB	2025-01-03	2025-01-03
URL parking3.parklogic.com/page/enhance.js?pcId=7&&domain=enzav.xyz IP / ASN 170.187.143.93 #63949 Akamai Connected Cloud Introduced by ScriptElement Embedded false Resource Info First Seen 2025-01-03 Last Seen 2025-01-03 Times Seen 1 Size 2.3 kB (2327 bytes) MD5 62925d325b403f933d3c022ae8cea19a SHA1 95eeb37477cb70be875f92d9799dad81254d754a SHA256 6b71b9d4fefa44e3f5837837e05228cda6624a6d6531e4dd459f2618daec4ee7 Format Code Loading...

	ww7.enzav.xyz/?usid=18&utid=29008134274	ScriptElement	379 B	2025-01-03	2025-01-03
URL ww7.enzav.xyz/?usid=18&utid=29008134274 IP / ASN 199.59.243.228 #16509 AMAZON-02 Introduced by ScriptElement Embedded true Resource Info First Seen 2025-01-03 Last Seen 2025-01-03 Times Seen 1 Size 379 B (379 bytes) MD5 f4411aaccaaae09f62c3ed7e8aee63bb SHA1 02e04d5d6d0d18e7f84441ea446f44805211672e SHA256 17972d679283b8d11c5f206bbe0b2a37fe22da1fb69e4a4a08990cf05bcbf99f Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	2b1c34190485f20a09be6474d40d073d	DocumentWrite	175 B	2025-01-03	2025-01-03
Introduced by DocumentWrite First Seen 2025-01-03 Last Seen 2025-01-03 Times Seen 1 Size 175 B (175 bytes) MD5 2b1c34190485f20a09be6474d40d073d SHA1 1660ff93facd37f098b5b686554eb3b14f2a77b2 SHA256 da7df617ba3c3f2f63f4e7a94a074a6a3740ad06bfe529392ec7d55b93cd6f31 Format Code Loading...

HTTP Transactions (13)

URL IP Response Size

GET ww7.enzav.xyz/?usid=18&utid=29008134274

199.59.243.228

200 OK

1.1 kB

URL

ww7.enzav.xyz/?usid=18&utid=29008134274

IP / ASN

199.59.243.228

#16509 AMAZON-02

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (394)

First Seen2025-01-03

Last Seen2025-01-03

Times Seen1

Size1.1 kB (1126 bytes)

MD53865412853eff05515770a3dc53b158b

SHA18191bd69bc06115889b3c29c02452c289614d6e6

SHA256d91f0653305674540d0f641cbde7d1d92c401463959ba077cc44c8f62175b032

Certificate Info

IssuerLet's Encrypt

Subjectww7.enzav.xyz

Fingerprint76:39:3E:B8:6F:54:BB:B8:FC:C5:42:3A:DF:1C:46:84:CD:1A:34:B2

ValiditySat, 02 Nov 2024 14:42:55 GMT - Fri, 31 Jan 2025 14:42:54 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?usid=18&utid=29008134274 HTTP/1.1
Host: ww7.enzav.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Jan 2025 06:11:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1126
X-Request-Id: 7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_t5ATlWWndqzzyVuVZ15o+wR6jlFtSolTC3OYZmTyO4O3CBiuN+MzcZCzYK1QH1B6HhLMBotKpk2/neREQ4iJPg==
Set-Cookie: parking_session=7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4; expires=Fri, 03 Jan 2025 06:26:45 GMT; path=/
Connection: close

GET ww7.enzav.xyz/biZbCCsVj.js

199.59.243.228

200 OK

36 kB

URL

ww7.enzav.xyz/biZbCCsVj.js

IP / ASN

199.59.243.228

#16509 AMAZON-02

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (35877)

First Seen2024-12-06

Last Seen2025-02-12

Times Seen779

Size36 kB (35880 bytes)

MD5f7a0acd3edd96a6773c808df8f2e9da1

SHA1fb855b53532c232c2f16425926afd10c5bb1d41f

SHA256a907384260a0ffb5ff618773441d0d1865f0eed950d35902381b3d1faf79b704

Certificate Info

IssuerLet's Encrypt

Subjectww7.enzav.xyz

Fingerprint76:39:3E:B8:6F:54:BB:B8:FC:C5:42:3A:DF:1C:46:84:CD:1A:34:B2

ValiditySat, 02 Nov 2024 14:42:55 GMT - Fri, 31 Jan 2025 14:42:54 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /biZbCCsVj.js HTTP/1.1
Host: ww7.enzav.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.enzav.xyz/?usid=18&utid=29008134274
Cookie: parking_session=7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Jan 2025 06:11:44 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 35880
X-Request-Id: 5e647b10-a28e-4fb6-bb21-e35abe3a351c
Set-Cookie: parking_session=7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4; expires=Fri, 03 Jan 2025 06:26:45 GMT
Connection: close

POST ww7.enzav.xyz/_fd?usid=18&utid=29008134274

199.59.243.228

200 OK

6.3 kB

URL

ww7.enzav.xyz/_fd?usid=18&utid=29008134274

IP / ASN

199.59.243.228

#16509 AMAZON-02

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeASCII text, with very long lines (6333), with no line terminators

First Seen2025-01-03

Last Seen2025-01-03

Times Seen1

Size6.3 kB (6333 bytes)

MD5e81c282092e484597cdf354cb1c31dc4

SHA1bfb7d21f5dc3d3e811fd2e7aa8aea52aca48fc43

SHA256f7710b21aea9b7503ea53395746a04fc72c3ec4d5c5730c8431a762dd5d49b34

Certificate Info

IssuerLet's Encrypt

Subjectww7.enzav.xyz

Fingerprint76:39:3E:B8:6F:54:BB:B8:FC:C5:42:3A:DF:1C:46:84:CD:1A:34:B2

ValiditySat, 02 Nov 2024 14:42:55 GMT - Fri, 31 Jan 2025 14:42:54 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_fd?usid=18&utid=29008134274 HTTP/1.1
Host: ww7.enzav.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.enzav.xyz/?usid=18&utid=29008134274
Content-Type: application/json
Origin: https://ww7.enzav.xyz
DNT: 1
Connection: keep-alive
Cookie: parking_session=7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Fri, 03 Jan 2025 06:11:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 6333
X-Request-Id: 9da50f28-7fbf-49b4-915f-1adc2ba6fb8e
Set-Cookie: parking_session=7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4; expires=Fri, 03 Jan 2025 06:26:45 GMT
Connection: close

GET www.google.com/adsense/domains/caf.js?abp=1&bodis=true

142.250.74.68

200 OK

54 kB

URL

www.google.com/adsense/domains/caf.js?abp=1&bodis=true

IP / ASN

142.250.74.68

#15169 GOOGLE

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typegzip compressed data, max compression

First Seen2025-01-02

Last Seen2025-01-03

Times Seen13

Size54 kB (53487 bytes)

MD563d9e86e848ec38f2634cd5adb35cd56

SHA1f6c6301678e6991a2e4c2aef47f45bfa535f4cef

SHA256fb04c038a25697f4fb1e4b779a83362569a5182a8820614f447ab9934adcf52c

Certificate Info

IssuerGoogle Trust Services

Subjectwww.google.com

Fingerprint73:D7:A2:DD:D9:66:88:D8:12:DA:21:B2:6C:66:23:55:F7:97:39:A7

ValidityMon, 02 Dec 2024 08:37:44 GMT - Mon, 24 Feb 2025 08:37:43 GMT

HTTP Headers

GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.enzav.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 03 Jan 2025 06:11:45 GMT
expires: Fri, 03 Jan 2025 06:11:45 GMT
cache-control: private, max-age=3600
etag: "10192998989123001698"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol106%2Cpid-bodis-gcontrol424%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.enzav.xyz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D18%26utid%3D29008134274&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=1871735884706103&num=0&output=afd_ads&domain_name=ww7.enzav.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1735884706105&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.enzav.xyz%2F%3Fusid%3D18%26utid%3D29008134274

216.58.207.238

200 OK

2.8 kB

URL

syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol106%2Cpid-bodis-gcontrol424%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.enzav.xyz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D18%26utid%3D29008134274&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=1871735884706103&num=0&output=afd_ads&domain_name=ww7.enzav.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1735884706105&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.enzav.xyz%2F%3Fusid%3D18%26utid%3D29008134274

IP / ASN

216.58.207.238

#15169 GOOGLE

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeHTML document, ASCII text, with very long lines (13233)

First Seen2025-01-03

Last Seen2025-01-03

Times Seen1

Size2.8 kB (2796 bytes)

MD5ffbdde9e916df31be81f611941c03773

SHA12843386f7c725ab515c0ce67210bc6e46ffc14a2

SHA25611f45b5001effdf8b920a5ffa3f65a637c495efd4dfe4431178f3be1d931f34d

Certificate Info

IssuerGoogle Trust Services

Subjectsyndicatedsearch.goog

FingerprintF5:58:5D:4C:84:30:00:D1:6B:92:CB:08:D0:7A:AB:C1:45:90:C9:F7

ValidityMon, 02 Dec 2024 08:39:01 GMT - Mon, 24 Feb 2025 08:39:00 GMT

HTTP Headers

GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol106%2Cpid-bodis-gcontrol424%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.enzav.xyz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D18%26utid%3D29008134274&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=1871735884706103&num=0&output=afd_ads&domain_name=ww7.enzav.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1735884706105&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.enzav.xyz%2F%3Fusid%3D18%26utid%3D29008134274 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.enzav.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Fri, 03 Jan 2025 06:11:46 GMT
expires: Fri, 03 Jan 2025 06:11:46 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-IDARXPjIgBN6Z-6PYJvlNA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

142.250.74.33

200 OK

278 B

URL

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

IP / ASN

142.250.74.33

#15169 GOOGLE

Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol106%2Cpid-bodis-gcontrol424%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.enzav.xyz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D18%26utid%3D29008134274&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=1871735884706103&num=0&output=afd_ads&domain_name=ww7.enzav.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1735884706105&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.enzav.xyz%2F%3Fusid%3D18%26utid%3D29008134274

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2023-04-07

Last Seen2025-08-01

Times Seen65959

Size278 B (278 bytes)

MD5fe7dd8c3c629cc6e9cd6d3e4d3cbe905

SHA159ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18

SHA2565455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e

Certificate Info

IssuerGoogle Trust Services

Subject*.googleusercontent.com

FingerprintB7:81:DF:88:6A:8E:A6:85:C5:CC:E0:38:BE:A6:D8:AF:B1:92:4E:DF

ValidityMon, 02 Dec 2024 08:36:53 GMT - Mon, 24 Feb 2025 08:36:52 GMT

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Jan 2025 18:11:00 GMT
expires: Fri, 03 Jan 2025 17:11:00 GMT
cache-control: public, max-age=82800
age: 43246
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

142.250.74.33

200 OK

174 B

URL

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

IP / ASN

142.250.74.33

#15169 GOOGLE

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2023-04-07

Last Seen2025-08-02

Times Seen76532

Size174 B (174 bytes)

MD5d47125b2ba92be53dcff07ba322ce1de

SHA1e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28

SHA2565a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6

Certificate Info

IssuerGoogle Trust Services

Subject*.googleusercontent.com

FingerprintB7:81:DF:88:6A:8E:A6:85:C5:CC:E0:38:BE:A6:D8:AF:B1:92:4E:DF

ValidityMon, 02 Dec 2024 08:36:53 GMT - Mon, 24 Feb 2025 08:36:52 GMT

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Jan 2025 07:31:43 GMT
expires: Fri, 03 Jan 2025 06:31:43 GMT
cache-control: public, max-age=82800
age: 81603
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST ww7.enzav.xyz/_tr

199.59.243.228

200 OK

2 B

URL

ww7.enzav.xyz/_tr

IP / ASN

199.59.243.228

#16509 AMAZON-02

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-08

Last Seen2025-08-02

Times Seen192545

Size2 B (2 bytes)

MD5444bcb3a3fcf8389296c49467f27e1d6

SHA17a85f4764bbd6daf1c3545efbbf0f279a6dc0beb

SHA2562689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Certificate Info

IssuerLet's Encrypt

Subjectww7.enzav.xyz

Fingerprint76:39:3E:B8:6F:54:BB:B8:FC:C5:42:3A:DF:1C:46:84:CD:1A:34:B2

ValiditySat, 02 Nov 2024 14:42:55 GMT - Fri, 31 Jan 2025 14:42:54 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_tr HTTP/1.1
Host: ww7.enzav.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.enzav.xyz/?usid=18&utid=29008134274
Content-Type: application/json
Content-Length: 1957
Origin: https://ww7.enzav.xyz
DNT: 1
Connection: keep-alive
Cookie: parking_session=7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Jan 2025 06:11:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
X-Request-Id: e30849db-a3a5-4434-9459-a5dc92907a29
Set-Cookie: parking_session=7fb5e3a0-23be-44bb-a65c-cc6ef8f4fff4; expires=Fri, 03 Jan 2025 06:26:46 GMT
Connection: close

GET syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=mef4n6jj11ll&aqid=on93Z6DvDpOeiM0Pn6Hg0AU&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=7%7C0%7C298%7C65%7C21&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=mef4n6jj11ll&aqid=on93Z6DvDpOeiM0Pn6Hg0AU&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=7%7C0%7C298%7C65%7C21&lle=0&ifv=1&hpt=0

IP / ASN

216.58.207.238

#15169 GOOGLE

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606062

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectsyndicatedsearch.goog

FingerprintF5:58:5D:4C:84:30:00:D1:6B:92:CB:08:D0:7A:AB:C1:45:90:C9:F7

ValidityMon, 02 Dec 2024 08:39:01 GMT - Mon, 24 Feb 2025 08:39:00 GMT

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=mef4n6jj11ll&aqid=on93Z6DvDpOeiM0Pn6Hg0AU&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=7%7C0%7C298%7C65%7C21&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.enzav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-HQMeoTdoOlPerWFdbBNqvQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Fri, 03 Jan 2025 06:11:48 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=xy84ex4enqqt&aqid=on93Z6DvDpOeiM0Pn6Hg0AU&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=7%7C0%7C298%7C65%7C21&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=xy84ex4enqqt&aqid=on93Z6DvDpOeiM0Pn6Hg0AU&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=7%7C0%7C298%7C65%7C21&lle=0&ifv=1&hpt=0

IP / ASN

216.58.207.238

#15169 GOOGLE

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606062

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectsyndicatedsearch.goog

FingerprintF5:58:5D:4C:84:30:00:D1:6B:92:CB:08:D0:7A:AB:C1:45:90:C9:F7

ValidityMon, 02 Dec 2024 08:39:01 GMT - Mon, 24 Feb 2025 08:39:00 GMT

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=xy84ex4enqqt&aqid=on93Z6DvDpOeiM0Pn6Hg0AU&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=7%7C0%7C298%7C65%7C21&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.enzav.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-QYg4smycEAQWcmtCv4-K9g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Fri, 03 Jan 2025 06:11:48 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET syndicatedsearch.goog/adsense/domains/caf.js

216.58.207.238

200 OK

147 kB

URL

syndicatedsearch.goog/adsense/domains/caf.js

IP / ASN

216.58.207.238

#15169 GOOGLE

Resource Info

File typeJavaScript source, ASCII text, with very long lines (1932)

First Seen2024-12-12

Last Seen2025-01-09

Times Seen3781

Size147 kB (146815 bytes)

MD5819567b938a0e984308065968c76c080

SHA14d32c236309b03793c714fd0906464e91a0a1964

SHA25691e2625103deff2ac8f7999f965cde3b9ef6d979ca790d0056cb6195b036e16a

Certificate Info

IssuerGoogle Trust Services

Subjectsyndicatedsearch.goog

FingerprintF5:58:5D:4C:84:30:00:D1:6B:92:CB:08:D0:7A:AB:C1:45:90:C9:F7

ValidityMon, 02 Dec 2024 08:39:01 GMT - Mon, 24 Feb 2025 08:39:00 GMT

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 03 Jan 2025 06:11:46 GMT
expires: Fri, 03 Jan 2025 06:11:46 GMT
cache-control: private, max-age=3600
etag: "7350935687751240590"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET parking3.parklogic.com/page/enhance.js?pcId=7&&domain=enzav.xyz

170.187.143.93

200 OK

2.3 kB

URL

parking3.parklogic.com/page/enhance.js?pcId=7&&domain=enzav.xyz

IP / ASN

170.187.143.93

#63949 Akamai Connected Cloud

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeJavaScript source, ASCII text, with very long lines (2397), with no line terminators

First Seen2025-01-03

Last Seen2025-01-03

Times Seen1

Size2.3 kB (2327 bytes)

MD5a6bdf6f65068219d9bf02ca82114c43d

SHA1e7fecb99a11151fe60dcbcc513f484042e63ff62

SHA256bf5d9a23d0f8d618633aeedcbb9da02cc759f15cb8a1dd0c75b8c9365214044f

Certificate Info

IssuerSectigo Limited

Subject*.parklogic.com

FingerprintA5:25:E3:1A:B4:C8:32:BD:0D:BA:C8:B4:19:22:F9:75:D4:D3:88:3F

ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT

HTTP Headers

GET /page/enhance.js?pcId=7&&domain=enzav.xyz HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.enzav.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 Jan 2025 06:11:46 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET parking3.parklogic.com/page/scribe.php?pcId=7&domain=enzav.xyz&pId=1055&usid=18&utid=29008134274&query=null&domainJs=ww7.enzav.xyz&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null

170.187.143.93

200 OK

0 B

URL

parking3.parklogic.com/page/scribe.php?pcId=7&domain=enzav.xyz&pId=1055&usid=18&utid=29008134274&query=null&domainJs=ww7.enzav.xyz&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null

IP / ASN

170.187.143.93

#63949 Akamai Connected Cloud

Requested byhttps://ww7.enzav.xyz/?usid=18&utid=29008134274

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606062

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerSectigo Limited

Subject*.parklogic.com

FingerprintA5:25:E3:1A:B4:C8:32:BD:0D:BA:C8:B4:19:22:F9:75:D4:D3:88:3F

ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT

HTTP Headers

GET /page/scribe.php?pcId=7&domain=enzav.xyz&pId=1055&usid=18&utid=29008134274&query=null&domainJs=ww7.enzav.xyz&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.enzav.xyz/
Origin: https://ww7.enzav.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 Jan 2025 06:11:47 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2