Report - futmax.zip

Report Overview

Visited public
2025-04-10 09:06:15
Tags
URL
futmax.zip
Finishing URL
ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
IP / ASN
103.224.182.241
#133618 Trellian Pty. Limited
Title
futmax.zip

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
futmax.zip	unknown	2024-02-20	2025-03-24	2025-03-24	479 B	1.5 kB	103.224.182.241
ww25.futmax.zip	unknown	2024-02-20	2024-04-17	2025-03-24	2.0 kB	44 kB	199.59.243.228
www.google.com	7	1997-09-15	2015-05-10	2025-04-09	441 B	145 kB	142.250.74.68
syndicatedsearch.goog	unknown	2023-04-14	2023-09-25	2025-04-09	3.2 kB	161 kB	216.58.207.238
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2025-04-09	1.0 kB	2.0 kB	142.250.74.33

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-10 09:05:54	low	Client IP	199.59.243.228	ET INFO HTTP Request to a *.zip Domain
2025-04-10 09:05:54	low	Client IP	199.59.243.228	ET INFO HTTP Request to a *.zip Domain
2025-04-10 09:05:54	low	Client IP	199.59.243.228	ET INFO HTTP Request to a *.zip Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988	ScriptElement	417 B	2025-04-10	2025-04-10
Pretty URL ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988 IP 199.59.243.228 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 09:06 Last Seen2025-04-10 09:06 Times Seen1 Hash 7793ff4ea08de2458df9031825f29878 3bdfa43ee2da091635faff5e5cb667d626642996 2a70ee629c499ef800acd2bbfbde6280779c9ffe51e113018564154fdf423aaa Loading...

	ww25.futmax.zip/bRaPTcjXg.js	ScriptElement	36 kB	2025-04-04	2025-04-15
Pretty URL ww25.futmax.zip/bRaPTcjXg.js IP 199.59.243.228 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-04 19:14 Last Seen2025-04-15 12:33 Times Seen384 Hash bcbcf4b79f2f520ddfbcb4f8937fe517 39ca8849e6ee009e244017d9b8446faa36b25f96 346420198c500daf6ae2d64c4e1d25f479348efc6fa1fa5c142d5f4056b83f6a Loading...

	www.google.com/adsense/domains/caf.js?abp=1&bodis=true	ScriptElement	144 kB	2025-03-28	2025-04-10
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 13:41 Last Seen2025-04-10 11:27 Times Seen1681 Hash 4c7e880c2aefa6029d37243d98154abe 1c1907176debe4f203a6033184ab8755b11e8fad 12d2eb6f0e3265d35c62ccfbbdc8539cc77baf957ffd3b27aee100ebcfc42231 Loading...

	syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988	ScriptElement	584 B	2025-04-10	2025-04-10
Pretty URL syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988 IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 09:06 Last Seen2025-04-10 09:06 Times Seen1 Hash 758cadcccde018232507cbb6eaee711c e391155a162d89e5642777a507a98b66c767745f 3faaf3b0cac23de09332d579846bddb1db09c02d07437057c23b5caca5d2f808 Loading...

	syndicatedsearch.goog/adsense/domains/caf.js	ScriptElement	144 kB	2025-03-28	2025-04-10
Pretty URL syndicatedsearch.goog/adsense/domains/caf.js IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 13:41 Last Seen2025-04-10 11:31 Times Seen868 Hash 39b9587b89db39dc2b243f435a449ea9 168c0c0743f687bf3444dfbb9fe4697c5c9364d6 dc9e4c873542ea5c3135cb80053ee6376888a74d837ef48193403aaabe80e7d9 Loading...

HTTP Transactions (12)

URL IP Response Size

ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988

199.59.243.228

200 OK

1.2 kB

URL User Request GET
ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
IP
199.59.243.228:80
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (434)
Size
1.2 kB (1166 bytes)
Hash
38cbb76dbe91c82419ebbe1fe46cd8df
71bb3fb6812235835ad17f083f684b893a06234a
b9b7eb0cd025f39677e64dc4b3ef61e2bc95594d10233f51b824bda35074d949

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET /?subid1=20250410-1905-53f9-b43e-4431c8166988 HTTP/1.1
Host: ww25.futmax.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Thu, 10 Apr 2025 09:05:53 GMT
content-type: text/html; charset=utf-8
content-length: 1166
x-request-id: 8238a589-284b-437f-a0d8-a004e6f84207
cache-control: no-store, max-age=0
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_X/je8NN2kqWByFocajQEio0nu+EYOMS3DiiwwG3AouPMTgsXb3P6PyF94UW5vBc7y6uPvINoX5CNAQVNhZ4ZsA==
set-cookie: parking_session=8238a589-284b-437f-a0d8-a004e6f84207; expires=Thu, 10 Apr 2025 09:20:54 GMT; path=/

ww25.futmax.zip/bRaPTcjXg.js

199.59.243.228

200 OK

36 kB

URL GET
ww25.futmax.zip/bRaPTcjXg.js
IP
199.59.243.228:80
ASN
#16509 AMAZON-02

Requested by
http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (35690)
Size
36 kB (35693 bytes)
Hash
bcbcf4b79f2f520ddfbcb4f8937fe517
39ca8849e6ee009e244017d9b8446faa36b25f96
346420198c500daf6ae2d64c4e1d25f479348efc6fa1fa5c142d5f4056b83f6a

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET /bRaPTcjXg.js HTTP/1.1
Host: ww25.futmax.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
Cookie: parking_session=8238a589-284b-437f-a0d8-a004e6f84207
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Thu, 10 Apr 2025 09:05:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 35693
x-request-id: cfb42181-daeb-4340-b624-156cfa67dd39
set-cookie: parking_session=8238a589-284b-437f-a0d8-a004e6f84207; expires=Thu, 10 Apr 2025 09:20:54 GMT

ww25.futmax.zip/_fd?subid1=20250410-1905-53f9-b43e-4431c8166988

199.59.243.228

200 OK

5.2 kB

URL POST
ww25.futmax.zip/_fd?subid1=20250410-1905-53f9-b43e-4431c8166988
IP
199.59.243.228:80
ASN
#16509 AMAZON-02

Requested by
http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988

File type
ASCII text, with very long lines (5209), with no line terminators
Size
5.2 kB (5209 bytes)
Hash
d9fdfb79ff5a591bb477f80f5d8ccfdd
6cfe7553ca8e9cc75839892d55b7359abae1023d
ff5e82783d97b5b7179699e755d4fbf1747a99b0bb585867eb1f574dd95b6469

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

POST /_fd?subid1=20250410-1905-53f9-b43e-4431c8166988 HTTP/1.1
Host: ww25.futmax.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
Content-Type: application/json
Origin: http://ww25.futmax.zip
DNT: 1
Connection: keep-alive
Cookie: parking_session=8238a589-284b-437f-a0d8-a004e6f84207
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
date: Thu, 10 Apr 2025 09:05:54 GMT
content-type: application/json; charset=utf-8
content-length: 5209
x-request-id: 684fd52e-8371-4d6d-8cf6-516c444e826d
set-cookie: parking_session=8238a589-284b-437f-a0d8-a004e6f84207; expires=Thu, 10 Apr 2025 09:20:54 GMT

www.google.com/adsense/domains/caf.js?abp=1&bodis=true

142.250.74.68

200 OK

144 kB

URL GET
www.google.com/adsense/domains/caf.js?abp=1&bodis=true
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint40:5C:81:99:DA:01:36:FE:E4:60:2B:67:51:3D:C2:62:8D:9A:38:47
ValidityThu, 20 Mar 2025 11:20:31 GMT - Thu, 12 Jun 2025 11:20:30 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
144 kB (144128 bytes)
Hash
4c7e880c2aefa6029d37243d98154abe
1c1907176debe4f203a6033184ab8755b11e8fad
12d2eb6f0e3265d35c62ccfbbdc8539cc77baf957ffd3b27aee100ebcfc42231

HTTP Headers

GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww25.futmax.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 10 Apr 2025 09:05:55 GMT
expires: Thu, 10 Apr 2025 09:05:55 GMT
cache-control: private, max-age=3600
etag: "15473499877488930535"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988

216.58.207.238

200 OK

14 kB

URL GET
syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type
HTML document, ASCII text, with very long lines (13159)
Size
14 kB (13688 bytes)
Hash
cf7213005dc1cb88d5649e640787445b
3b513f15ad35d85501c02ff984a78580cf569748
2ff4d2286f47aed8d87f92e67feb5c9a3c6c41cbba32ffd70c4a7fd368695eb4

HTTP Headers

GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww25.futmax.zip/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 10 Apr 2025 09:05:55 GMT
expires: Thu, 10 Apr 2025 09:05:55 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-D-84Sw_H2mIHtD1fbUGXSQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2691
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.33

200 OK

200 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.33:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint85:BF:6A:5F:09:9C:AA:F5:8D:3B:2E:65:D1:16:4F:7F:03:2D:A8:DD
ValidityThu, 20 Mar 2025 11:19:41 GMT - Thu, 12 Jun 2025 11:19:40 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Apr 2025 02:21:41 GMT
expires: Fri, 11 Apr 2025 01:21:41 GMT
cache-control: public, max-age=82800
age: 24254
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ww25.futmax.zip/_tr

199.59.243.228

200 OK

2 B

URL POST
ww25.futmax.zip/_tr
IP
199.59.243.228:80
ASN
#16509 AMAZON-02

Requested by
http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /_tr HTTP/1.1
Host: ww25.futmax.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
Content-Type: application/json
Content-Length: 2009
Origin: http://ww25.futmax.zip
DNT: 1
Connection: keep-alive
Cookie: parking_session=8238a589-284b-437f-a0d8-a004e6f84207
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Thu, 10 Apr 2025 09:05:55 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-request-id: 0a7bc49a-490c-45cc-bec9-dfaf8258b3ac
set-cookie: parking_session=8238a589-284b-437f-a0d8-a004e6f84207; expires=Thu, 10 Apr 2025 09:20:55 GMT

futmax.zip/

103.224.182.241

302 Found

1.2 kB

URL User Request GET
futmax.zip/
IP
103.224.182.241:443
ASN
#133618 Trellian Pty. Limited

Certificate
IssuerLet's Encrypt
Subjectpelisplugo.vip
FingerprintFD:CA:8C:D0:69:E1:17:F2:59:25:74:15:0B:BE:1E:98:A4:23:82:19
ValidityTue, 01 Apr 2025 09:12:01 GMT - Mon, 30 Jun 2025 09:12:00 GMT

File type

Size
1.2 kB (1166 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: futmax.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
date: Thu, 10 Apr 2025 09:05:53 GMT
server: Apache
set-cookie: __tad=1744275953.2679716; expires=Sun, 08-Apr-2035 09:05:53 GMT; Max-Age=315360000
location: http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
content-length: 2
content-type: text/html; charset=UTF-8
connection: close

syndicatedsearch.goog/adsense/domains/caf.js

216.58.207.238

200 OK

144 kB

URL GET
syndicatedsearch.goog/adsense/domains/caf.js
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
144 kB (144144 bytes)
Hash
39b9587b89db39dc2b243f435a449ea9
168c0c0743f687bf3444dfbb9fe4697c5c9364d6
dc9e4c873542ea5c3135cb80053ee6376888a74d837ef48193403aaabe80e7d9

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 10 Apr 2025 09:05:55 GMT
expires: Thu, 10 Apr 2025 09:05:55 GMT
cache-control: private, max-age=3600
etag: "17592477094211667830"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

142.250.74.33

200 OK

200 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
IP
142.250.74.33:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol109%2Cpid-bodis-gcontrol436%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww25.futmax.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250410-1905-53f9-b43e-4431c8166988&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2158691236259338&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108&format=r3&nocache=5621744275955265&num=0&output=afd_ads&domain_name=ww25.futmax.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744275955267&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=740324255&rurl=http%3A%2F%2Fww25.futmax.zip%2F%3Fsubid1%3D20250410-1905-53f9-b43e-4431c8166988
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint85:BF:6A:5F:09:9C:AA:F5:8D:3B:2E:65:D1:16:4F:7F:03:2D:A8:DD
ValidityThu, 20 Mar 2025 11:19:41 GMT - Thu, 12 Jun 2025 11:19:40 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
d47125b2ba92be53dcff07ba322ce1de
e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Apr 2025 18:43:55 GMT
expires: Thu, 10 Apr 2025 17:43:55 GMT
cache-control: public, max-age=82800
age: 51720
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=sy2o81oye0ti&cd_fexp=72717108&aqid=84n3Z87sGaehiM0PiMi_6Ag&psid=3113057640&pbt=bs&adbx=290&adby=170&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=740324255&csala=5%7C0%7C302%7C99%7C22&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=sy2o81oye0ti&cd_fexp=72717108&aqid=84n3Z87sGaehiM0PiMi_6Ag&psid=3113057640&pbt=bs&adbx=290&adby=170&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=740324255&csala=5%7C0%7C302%7C99%7C22&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=sy2o81oye0ti&cd_fexp=72717108&aqid=84n3Z87sGaehiM0PiMi_6Ag&psid=3113057640&pbt=bs&adbx=290&adby=170&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=740324255&csala=5%7C0%7C302%7C99%7C22&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww25.futmax.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-U6YD1SuL2CppvsLWOFiW0g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 10 Apr 2025 09:05:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=u07muxlz193o&cd_fexp=72717108&aqid=84n3Z87sGaehiM0PiMi_6Ag&psid=3113057640&pbt=bv&adbx=290&adby=170&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=740324255&csala=5%7C0%7C302%7C99%7C22&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=u07muxlz193o&cd_fexp=72717108&aqid=84n3Z87sGaehiM0PiMi_6Ag&psid=3113057640&pbt=bv&adbx=290&adby=170&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=740324255&csala=5%7C0%7C302%7C99%7C22&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww25.futmax.zip/?subid1=20250410-1905-53f9-b43e-4431c8166988
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=u07muxlz193o&cd_fexp=72717108&aqid=84n3Z87sGaehiM0PiMi_6Ag&psid=3113057640&pbt=bv&adbx=290&adby=170&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=740324255&csala=5%7C0%7C302%7C99%7C22&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww25.futmax.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-uxTsjChb9gbsAHCeZcFSWQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 10 Apr 2025 09:05:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL POST

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type