Report - cgezhdrsjj.suijidaohxl.top/

Report Overview

Visited public
2025-07-05 00:42:31
Tags
Submit Tags
URL
cgezhdrsjj.suijidaohxl.top/
Finishing URL
ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
IP / ASN
172.233.219.78
#63949 Akamai Connected Cloud
Title
suijidaohxl.top - suijidaohxl Ressurser og informasjon

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
syndicatedsearch.goog	unknown	2023-04-14	2023-09-25	2025-07-02	5.4 kB	164 kB	216.58.207.238
img.sedoparking.com	54200	2001-09-18	2013-04-22	2025-07-02	763 B	30 kB	205.234.175.175
parking3.parklogic.com	unknown	2007-02-28	2023-05-10	2025-07-03	1.1 kB	1.9 kB	172.232.7.47
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2025-07-02	1.0 kB	2.2 kB	142.250.178.97
cgezhdrsjj.suijidaohxl.top	unknown	2024-05-02	2025-07-05	2025-07-05	906 B	5.3 kB	172.237.146.25
router.parklogic.com	unknown	2007-02-28	2025-03-19	2025-06-29	520 B	220 B	172.234.216.100
www.google.com	7	1997-09-15	2015-05-10	2025-07-02	391 B	144 kB	142.250.178.68
ww1.suijidaohxl.top	unknown	2024-05-02	2025-06-23	2025-07-02	1.9 kB	25 kB	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-07-05 00:42:09	medium	Client IP	172.237.146.25	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-04	medium	suijidaohxl.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	syndicatedsearch.goog/afs/ads/i/iframe.html	ScriptElement	1.3 kB	2025-03-02	2025-07-17
Pretty URL syndicatedsearch.goog/afs/ads/i/iframe.html IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:28 Last Seen2025-07-17 03:55 Times Seen48654 Hash 53a557946308585635eb80aec5326b9e 544b125203bfbb516566a63c9ef3dc57e9c06df9 eff95f5e15f8aa8c8b8c0f3aaeedba0091c1ec9732d78b6594c9ceb26c8eff28 Loading...

	syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F	ScriptElement	800 B	2025-07-05	2025-07-05
Pretty URL syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-05 00:42 Last Seen2025-07-05 00:42 Times Seen1 Hash 7d6d1e75dbc09cf7bb90f6fff9e53070 b9952ead1100c360c9b966bafec225daefd2835e 27d55cc95146e2752cc79b417715cf06281363a0b8af9726a7975ef1dd848889 Loading...

	ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403	ScriptElement	4.0 kB	2025-07-05	2025-07-05
Pretty URL ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-05 00:42 Last Seen2025-07-05 00:42 Times Seen1 Hash 5d704a58b8f3e3707eb2389d8750d153 b4e8c49b790c3cea780546c7aa2a4bdbccfa0e33 984f801bd608e0a816d22edc428c9a55b74e9d11de09e13bfd7ac2a9c48b2c82 Loading...

	ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403	ScriptElement	622 B	2023-03-07	2025-07-17
Pretty URL ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-17 03:53 Times Seen30815 Hash a250fbc5a068488660893f64bcbd3883 a1b5f3c0b8e3d1d4b24c80a2b0ec26e1bfdb710b c23bcb1a9582fa5e6a7640914593be32834a9f9c9996d30c430906c46a448b49 Loading...

	www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true	ScriptElement	143 kB	2025-07-01	2025-07-08
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true IP 142.250.178.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-01 18:06 Last Seen2025-07-08 09:51 Times Seen360 Hash 0197d9b18b4a512cc6d41517ee6e2e22 60738f913186179f32238464fdf475ef2b3a8449 943d97c8e8f2ecd0d831401a971f6734760fcfdac07f446aa362535e750e6aee Loading...

	syndicatedsearch.goog/adsense/domains/caf.js	ScriptElement	143 kB	2025-07-02	2025-07-10
Pretty URL syndicatedsearch.goog/adsense/domains/caf.js IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 17:33 Last Seen2025-07-10 21:39 Times Seen769 Hash a5bac31d02a1509036c4a7d79a220c1f 4133b18a0f73117a6a96153828fc35b4cc7e528d 901c464816884ac74e5ec9ec9efe6a68d4be4f41c83d667ffea16a0eed838d77 Loading...

	cgezhdrsjj.suijidaohxl.top/	ScriptElement	4.3 kB	2025-07-05	2025-07-05
Pretty URL cgezhdrsjj.suijidaohxl.top/ IP 172.237.146.25 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-05 00:42 Last Seen2025-07-05 00:42 Times Seen1 Hash 7fadb69e8386293204b40f0ca9e60394 05f478ab2b4fb5d196044b72c66b856aaa439eec 63310c9bbc11de422be7e74d9cf980a318d5ccc1940a7874567691a117856c56 Loading...

	ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403	ScriptElement	5.9 kB	2024-05-23	2025-07-17
Pretty URL ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-23 11:11 Last Seen2025-07-17 03:55 Times Seen105223 Hash 978e89b89f929ebbd0a746295eafbcbe 6b92ab60432c1e5a8aebc60ebc94f1f24c28cea6 848eaac812a5c6ef9f75fc33f2bfbb7169bfea60bc4d4a28a7e77d1737ca42ac Loading...

	parking3.parklogic.com/page/enhance.js?pcId=1&domain=suijidaohxl.top	ScriptElement	1.6 kB	2025-07-02	2025-07-15
Pretty URL parking3.parklogic.com/page/enhance.js?pcId=1&domain=suijidaohxl.top IP 172.232.7.47 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 01:00 Last Seen2025-07-15 22:43 Times Seen60 Hash 90d08ced48eaffc65c8e1211f848ed34 b4227afe297d0d6464ff236c6e64205304ee63d1 6b50065ddd1b5e3c2af500cb9fdd3d3c0aa0b797370b9fed27e88e1143cc8d8e Loading...

HTTP Transactions (20)

URL IP Response Size

GET ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403

0.0.0.0

0 B

URL User Request GET
ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403 HTTP/1.1
Host: ww1.suijidaohxl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cgezhdrsjj.suijidaohxl.top/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=i3bvrx4nqdl6&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=8%7C0%7C470%7C77%7C49&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=i3bvrx4nqdl6&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=8%7C0%7C470%7C77%7C49&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint07:28:33:EB:3C:B1:2D:1A:28:D5:4E:6B:B2:5F:42:2F:BE:38:52:3C
ValidityTue, 17 Jun 2025 20:05:02 GMT - Tue, 09 Sep 2025 20:05:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=i3bvrx4nqdl6&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=8%7C0%7C470%7C77%7C49&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3hq8EopMkmSo4Vd5NMxn_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Sat, 05 Jul 2025 00:42:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403

64.190.63.136

200 OK

24 kB

URL User Request GET
ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
IP
64.190.63.136:80
ASN
#47846 SEDO GmbH

File type
HTML document, Unicode text, UTF-8 text, with very long lines (10563)
Size
24 kB (24314 bytes)
Hash
13b8ffd7e6de0d5b759e6100eeba857d
c0c5b3947047dfd6bca94a86c1b4e56bf713cd15
5396567e7e960c7ff788f5d30da3f5b9dceb4ef07c56604c5c42b15f5af4ca74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403 HTTP/1.1
Host: ww1.suijidaohxl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cgezhdrsjj.suijidaohxl.top/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Sat, 05 Jul 2025 00:42:11 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_i8Rj2i0/P4faavAhXJMjAfa0wT4xh7fLydYaeWW+ofqBnpEI4Psv6aswhjobOfYR01pkZb1py1HBgN5CypHxuw==
last-modified: Sat, 05 Jul 2025 00:42:11 GMT
x-cache-miss-from: parking-5b56c79c57-mlnc6
server: Parking/1.0
content-encoding: gzip

GET img.sedoparking.com/templates/bg/arrows-curved.png

205.234.175.175

200 OK

14 kB

URL GET
img.sedoparking.com/templates/bg/arrows-curved.png
IP
205.234.175.175:80
ASN
#30081 CACHENETWORKS

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403

File type
PNG image data, 413 x 594, 8-bit/color RGBA, non-interlaced
Size
14 kB (13502 bytes)
Hash
107694ee1e94990d97b7e58651ffd6a0
7dd9ae7badf78be01ea0623df1e90171348716ff
7aa2a3e9a9575a27f5593c3b0357423128c468a46ed20d284ce5a21555ee67bc

HTTP Headers

GET /templates/bg/arrows-curved.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Jul 2025 00:42:11 GMT
Content-Type: image/png
Content-Length: 13502
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sat, 12 Jul 2025 00:42:11 GMT
X-CFHash: "107694ee1e94990d97b7e58651ffd6a0"
X-CFF: B
Last-Modified: Tue, 12 Oct 2021 05:19:02 GMT
X-CF3: H
CF4Age: 362
x-cf-tsc: 1750436138
CF4ttl: 31535638.000
X-CF2: H
Server: CFS 1124
X-CF-ReqID: 6e8b0473fc51335a894951dfaed13fa6
X-CF1: 11696:fB.arn1:cf:nom:cacheN.arn1-01:H
Accept-Ranges: bytes

GET parking3.parklogic.com/page/scribe.php?pcId=1&domain=suijidaohxl.top&aId=313&pId=1207&usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403&query=null&domainJs=ww1.suijidaohxl.top&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null

172.232.7.47

200 OK

0 B

URL GET
parking3.parklogic.com/page/scribe.php?pcId=1&domain=suijidaohxl.top&aId=313&pId=1207&usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403&query=null&domainJs=ww1.suijidaohxl.top&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null
IP
172.232.7.47:443
ASN
#63949 Akamai Connected Cloud

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerLet's Encrypt
Subjectenhance-lb01.parklogic.com
Fingerprint45:DF:3D:16:4B:13:1A:15:46:7A:16:A0:08:03:74:14:6C:2F:8C:1A
ValidityFri, 30 May 2025 10:02:59 GMT - Thu, 28 Aug 2025 10:02:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page/scribe.php?pcId=1&domain=suijidaohxl.top&aId=313&pId=1207&usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403&query=null&domainJs=ww1.suijidaohxl.top&path=/&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.suijidaohxl.top/
Origin: http://ww1.suijidaohxl.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 05 Jul 2025 00:42:12 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

GET syndicatedsearch.goog/adsense/domains/caf.js

216.58.207.238

200 OK

143 kB

URL GET
syndicatedsearch.goog/adsense/domains/caf.js
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint07:28:33:EB:3C:B1:2D:1A:28:D5:4E:6B:B2:5F:42:2F:BE:38:52:3C
ValidityTue, 17 Jun 2025 20:05:02 GMT - Tue, 09 Sep 2025 20:05:01 GMT

File type
JavaScript source, ASCII text, with very long lines (1888)
Size
143 kB (143301 bytes)
Hash
a5bac31d02a1509036c4a7d79a220c1f
4133b18a0f73117a6a96153828fc35b4cc7e528d
901c464816884ac74e5ec9ec9efe6a68d4be4f41c83d667ffea16a0eed838d77

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 05 Jul 2025 00:42:12 GMT
expires: Sat, 05 Jul 2025 00:42:12 GMT
cache-control: private, max-age=3600
etag: "5741767530888123831"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2

142.250.178.97

200 OK

391 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP
142.250.178.97:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint39:FC:E7:28:9A:8F:58:7E:70:05:B9:86:63:50:61:EF:4B:9F:AB:40
ValidityTue, 17 Jun 2025 20:02:54 GMT - Tue, 09 Sep 2025 20:02:53 GMT

File type
SVG Scalable Vector Graphics image
Size
391 B (391 bytes)
Hash
a6ad6e65373db8c1b1f154c4c83f8ce5
84cc007d6d682c589e1e1f87482a5278830f3000
920a378947204498c122722933b3a4b67788a2b6fade8bd0d47cf830eeee0563

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Jul 2025 15:21:50 GMT
expires: Sat, 05 Jul 2025 14:21:50 GMT
cache-control: public, max-age=82800
age: 33622
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cgezhdrsjj.suijidaohxl.top/

172.237.146.25

200 OK

4.4 kB

URL User Request GET
cgezhdrsjj.suijidaohxl.top/
IP
172.237.146.25:80
ASN
#20940 Akamai International B.V.

File type
JavaScript source, ASCII text, with very long lines (4418), with no line terminators
Size
4.4 kB (4418 bytes)
Hash
329383d10735e30725d89ce7ce09437c
e1fcd1f97414925a99482dae7da7c2873fd006e9
dc80620fe9a8d8868cc4fc28772e2fdb4d61c4b9d8863939b9b0112c26583cc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: cgezhdrsjj.suijidaohxl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Jul 2025 00:42:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-CH: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Permissions-Policy: ch-ua=(self "https://*.parklogic.com"), ch-ua-arch=(self "https://*.parklogic.com"), ch-ua-bitness=(self "https://*.parklogic.com"), ch-ua-full-version=(self "https://*.parklogic.com"), ch-ua-full-version-list=(self "https://*.parklogic.com"), ch-ua-mobile=(self "https://*.parklogic.com"), ch-ua-model=(self "https://*.parklogic.com"), ch-ua-platform=(self "https://*.parklogic.com"), ch-ua-platform-version=(self "https://*.parklogic.com"), ch-ua-wow64=(self "https://*.parklogic.com")
Content-Encoding: gzip

POST router.parklogic.com/

172.234.216.100

200 OK

74 B

URL POST
router.parklogic.com/
IP
172.234.216.100:443
ASN
#63949 Akamai Connected Cloud

Requested by
http://cgezhdrsjj.suijidaohxl.top/
Certificate
IssuerLet's Encrypt
Subjectrouter-lb01.parklogic.com
Fingerprint85:E3:F4:EB:CD:63:9B:0A:3D:3A:5F:C3:4A:6C:65:01:DB:CA:C3:9C
ValiditySat, 28 Jun 2025 21:31:25 GMT - Fri, 26 Sep 2025 21:31:24 GMT

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
f32c344ebde98e517a878c00098cc998
6666138231f6d1a14b87473f749e2670db51948e
e59a5c002f1ff8de7dc05b47aa47f46ef7d27e71a0d5de32a64ebbadbfc3dc97

HTTP Headers

POST / HTTP/1.1
Host: router.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 445
Origin: http://cgezhdrsjj.suijidaohxl.top
DNT: 1
Connection: keep-alive
Referer: http://cgezhdrsjj.suijidaohxl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 05 Jul 2025 00:42:11 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET syndicatedsearch.goog/afs/ads/i/iframe.html

216.58.207.238

200 OK

1.6 kB

URL GET
syndicatedsearch.goog/afs/ads/i/iframe.html
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint07:28:33:EB:3C:B1:2D:1A:28:D5:4E:6B:B2:5F:42:2F:BE:38:52:3C
ValidityTue, 17 Jun 2025 20:05:02 GMT - Tue, 09 Sep 2025 20:05:01 GMT

File type
HTML document, ASCII text, with very long lines (1559)
Size
1.6 kB (1560 bytes)
Hash
c199804352e993038b0fa2c8dc8b9c5b
0d6e8a20c591aef842e6c569a38749eca75c3616
b31dcb40c075c4dc3c3492ba8b9306a7531a4a3949ff9938b1a12382a4f9f1d5

HTTP Headers

GET /afs/ads/i/iframe.html HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-xbHHzy0RLUu7K2jG3sBLbQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 729
date: Sat, 05 Jul 2025 00:42:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 17 Sep 2024 06:00:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET img.sedoparking.com/templates/logos/sedo_logo.png

205.234.175.175

200 OK

15 kB

URL GET
img.sedoparking.com/templates/logos/sedo_logo.png
IP
205.234.175.175:80
ASN
#30081 CACHENETWORKS

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15086 bytes)
Hash
def00c11b1596db4efee6a9fbe64fc27
bd298981e6d8d7e4ffa18abcf687041f4246672d
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4

HTTP Headers

GET /templates/logos/sedo_logo.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Jul 2025 00:42:12 GMT
Content-Type: image/png
Content-Length: 15086
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sat, 12 Jul 2025 00:42:12 GMT
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
X-CFF: B
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
X-CF3: H
CF4Age: 0
x-cf-tsc: 1735940836
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 1124
X-CF-ReqID: 127351a831bc45297e4053cf0731fce0
X-CF1: 11696:fB.arn1:cf:nom:cacheN.arn1-01:H
Accept-Ranges: bytes

GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.178.97

200 OK

200 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.178.97:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint39:FC:E7:28:9A:8F:58:7E:70:05:B9:86:63:50:61:EF:4B:9F:AB:40
ValidityTue, 17 Jun 2025 20:02:54 GMT - Tue, 09 Sep 2025 20:02:53 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Jul 2025 06:51:06 GMT
expires: Sat, 05 Jul 2025 05:51:06 GMT
cache-control: public, max-age=82800
age: 64266
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=746tp0w5999z&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=8%7C0%7C470%7C77%7C49&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=746tp0w5999z&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=8%7C0%7C470%7C77%7C49&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint07:28:33:EB:3C:B1:2D:1A:28:D5:4E:6B:B2:5F:42:2F:BE:38:52:3C
ValidityTue, 17 Jun 2025 20:05:02 GMT - Tue, 09 Sep 2025 20:05:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=746tp0w5999z&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=8%7C0%7C470%7C77%7C49&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-4lGbXDamEdtGJK9rxBSq_g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Sat, 05 Jul 2025 00:42:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=vera74jmwg7t&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bv&adbx=392&adby=134.64999389648438&adbh=533&adbw=496&adbah=171%2C171%2C171&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=22%7C0%7C456%7C77%7C49&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=vera74jmwg7t&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bv&adbx=392&adby=134.64999389648438&adbh=533&adbw=496&adbah=171%2C171%2C171&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=22%7C0%7C456%7C77%7C49&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint07:28:33:EB:3C:B1:2D:1A:28:D5:4E:6B:B2:5F:42:2F:BE:38:52:3C
ValidityTue, 17 Jun 2025 20:05:02 GMT - Tue, 09 Sep 2025 20:05:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=vera74jmwg7t&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bv&adbx=392&adby=134.64999389648438&adbh=533&adbw=496&adbah=171%2C171%2C171&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=22%7C0%7C456%7C77%7C49&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Y3RnsOAn7o-bYje8vDZhdw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Sat, 05 Jul 2025 00:42:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET cgezhdrsjj.suijidaohxl.top/

0.0.0.0

0 B

URL User Request GET
cgezhdrsjj.suijidaohxl.top/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: cgezhdrsjj.suijidaohxl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET parking3.parklogic.com/page/enhance.js?pcId=1&domain=suijidaohxl.top

172.232.7.47

200 OK

1.6 kB

URL GET
parking3.parklogic.com/page/enhance.js?pcId=1&domain=suijidaohxl.top
IP
172.232.7.47:443
ASN
#63949 Akamai Connected Cloud

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerLet's Encrypt
Subjectenhance-lb01.parklogic.com
Fingerprint45:DF:3D:16:4B:13:1A:15:46:7A:16:A0:08:03:74:14:6C:2F:8C:1A
ValidityFri, 30 May 2025 10:02:59 GMT - Thu, 28 Aug 2025 10:02:58 GMT

File type
JavaScript source, ASCII text
Size
1.6 kB (1564 bytes)
Hash
90d08ced48eaffc65c8e1211f848ed34
b4227afe297d0d6464ff236c6e64205304ee63d1
6b50065ddd1b5e3c2af500cb9fdd3d3c0aa0b797370b9fed27e88e1143cc8d8e

HTTP Headers

GET /page/enhance.js?pcId=1&domain=suijidaohxl.top HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 05 Jul 2025 00:42:12 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true

142.250.178.68

200 OK

143 kB

URL GET
www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true
IP
142.250.178.68:80
ASN
#15169 GOOGLE

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403

File type
JavaScript source, ASCII text, with very long lines (1888)
Size
143 kB (143303 bytes)
Hash
0197d9b18b4a512cc6d41517ee6e2e22
60738f913186179f32238464fdf475ef2b3a8449
943d97c8e8f2ecd0d831401a971f6734760fcfdac07f446aa362535e750e6aee

HTTP Headers

GET /adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 05 Jul 2025 00:42:11 GMT
Expires: Sat, 05 Jul 2025 00:42:11 GMT
Cache-Control: private, max-age=3600
ETag: "6877394312270975167"
X-Content-Type-Options: nosniff
Link: <https://syndicatedsearch.goog>; rel="preconnect"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

GET syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F

216.58.207.238

200 OK

14 kB

URL GET
syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint07:28:33:EB:3C:B1:2D:1A:28:D5:4E:6B:B2:5F:42:2F:BE:38:52:3C
ValidityTue, 17 Jun 2025 20:05:02 GMT - Tue, 09 Sep 2025 20:05:01 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (13736)
Size
14 kB (14482 bytes)
Hash
1ccb86dcbe18d4e2fb72e2e9535d5d8a
14f7a1ff405fdb9367a680bf1607083b5195fb90
913eca087cf060649eb4f81923f31e2cb1801965ab7b7cb8d498f9d6fdcb2616

HTTP Headers

GET /afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C23197244&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.suijidaohxl.top%2Fcaf%2F%3Fses%3DY3JlPTE3NTE2NzYxMzEmdGNpZD13dzEuc3VpamlkYW9oeGwudG9wNjg2ODc0ZTNhNTNhMzkuNTExMDE2OTEmdGFzaz1zZWFyY2gmZG9tYWluPXN1aWppZGFvaHhsLnRvcCZhX2lkPTMmc2Vzc2lvbj0ydmJDdnpqUUVyTDc3WEVJS2VKZg%3D%3D&type=3&swp=as-drid-2795522040535628&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131751676131965&num=0&output=afd_ads&domain_name=ww1.suijidaohxl.top&v=3&bsl=8&pac=2&u_his=3&u_tz=0&dt=1751676131977&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=777636663&rurl=http%3A%2F%2Fww1.suijidaohxl.top%2F%3Fusid%3D103%26utid%3D5d3a973edf2765a6a7f94bd7c0c88403&referer=http%3A%2F%2Fcgezhdrsjj.suijidaohxl.top%2F HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 05 Jul 2025 00:42:12 GMT
expires: Sat, 05 Jul 2025 00:42:12 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-plUxRwe753oO2kYGyuj0tQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 3049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ww1.suijidaohxl.top/search/tsc.php?ses=ogcnJl8vri3jQumF9AqknWrVjZjACB9vNbVma0xFrZVE9g7jkfFzUg8roLFuTHqeZfivTWX4nP_Qz6K4HBMtinuCGZGmHaMDHFlYh-5vk9R9I1EFVGNAEqIIWGI-k8O-V6DifoKtJePdo8Wx_C_SFUgDfJQd1LBCsL2cfnQCAWrWgphZlnYpjatsgd-W359Ww9HZ4aJtv9zknpKc3yXSeQO16ZwrJAE8VnDx0dOKxNdT9oAShFF0kdGTITZDnhrPDp1FVm9bQjo8ZEELF7ZJVEIlHZAmt4-M8xremZpPhFIGSzSBuucOjLqBUKUUlmLMJ7h-pS_KH7rwAmJpMu9BN8atY29HoSaEhnFdR1rXMTavIPmVISfansM-3bEJQ&cv=2

64.190.63.136

200 OK

0 B

URL GET
ww1.suijidaohxl.top/search/tsc.php?ses=ogcnJl8vri3jQumF9AqknWrVjZjACB9vNbVma0xFrZVE9g7jkfFzUg8roLFuTHqeZfivTWX4nP_Qz6K4HBMtinuCGZGmHaMDHFlYh-5vk9R9I1EFVGNAEqIIWGI-k8O-V6DifoKtJePdo8Wx_C_SFUgDfJQd1LBCsL2cfnQCAWrWgphZlnYpjatsgd-W359Ww9HZ4aJtv9zknpKc3yXSeQO16ZwrJAE8VnDx0dOKxNdT9oAShFF0kdGTITZDnhrPDp1FVm9bQjo8ZEELF7ZJVEIlHZAmt4-M8xremZpPhFIGSzSBuucOjLqBUKUUlmLMJ7h-pS_KH7rwAmJpMu9BN8atY29HoSaEhnFdR1rXMTavIPmVISfansM-3bEJQ&cv=2
IP
64.190.63.136:80
ASN
#47846 SEDO GmbH

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /search/tsc.php?ses=ogcnJl8vri3jQumF9AqknWrVjZjACB9vNbVma0xFrZVE9g7jkfFzUg8roLFuTHqeZfivTWX4nP_Qz6K4HBMtinuCGZGmHaMDHFlYh-5vk9R9I1EFVGNAEqIIWGI-k8O-V6DifoKtJePdo8Wx_C_SFUgDfJQd1LBCsL2cfnQCAWrWgphZlnYpjatsgd-W359Ww9HZ4aJtv9zknpKc3yXSeQO16ZwrJAE8VnDx0dOKxNdT9oAShFF0kdGTITZDnhrPDp1FVm9bQjo8ZEELF7ZJVEIlHZAmt4-M8xremZpPhFIGSzSBuucOjLqBUKUUlmLMJ7h-pS_KH7rwAmJpMu9BN8atY29HoSaEhnFdR1rXMTavIPmVISfansM-3bEJQ&cv=2 HTTP/1.1
Host: ww1.suijidaohxl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Sat, 05 Jul 2025 00:42:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-cache-miss-from: parking-5b56c79c57-q9dxb
server: Parking/1.0

GET syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=ej4g429cqocv&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bs&adbx=392&adby=134.64999389648438&adbh=533&adbw=496&adbah=171%2C171%2C171&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=22%7C0%7C456%7C77%7C49&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=ej4g429cqocv&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bs&adbx=392&adby=134.64999389648438&adbh=533&adbw=496&adbah=171%2C171%2C171&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=22%7C0%7C456%7C77%7C49&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
http://ww1.suijidaohxl.top/?usid=103&utid=5d3a973edf2765a6a7f94bd7c0c88403
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint07:28:33:EB:3C:B1:2D:1A:28:D5:4E:6B:B2:5F:42:2F:BE:38:52:3C
ValidityTue, 17 Jun 2025 20:05:02 GMT - Tue, 09 Sep 2025 20:05:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=ej4g429cqocv&cd_fexp=72717108&aqid=5HRoaK3WDcqbjuwPt4PAwAw&psid=3259787283&pbt=bs&adbx=392&adby=134.64999389648438&adbh=533&adbw=496&adbah=171%2C171%2C171&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=777636663&csala=22%7C0%7C456%7C77%7C49&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.suijidaohxl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-SoKUSH6qH0HrJZfDVl9UWw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Sat, 05 Jul 2025 00:42:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL User Request GET

IP

ASN

File type