Report - securityhealthsetup.zip

Report Overview

Visited public
2025-04-11 00:54:11
Tags
URL
securityhealthsetup.zip
Finishing URL
ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
IP / ASN
103.224.182.210
#133618 Trellian Pty. Limited
Title
securityhealthsetup.zip

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ww25.securityhealthsetup.zip	unknown	2024-06-12	2024-07-03	2025-02-04	2.4 kB	44 kB	199.59.243.228
syndicatedsearch.goog	unknown	2023-04-14	2023-09-25	2025-04-09	3.3 kB	161 kB	216.58.207.238
securityhealthsetup.zip	unknown	2024-06-12	2024-10-30	2024-11-30	900 B	1.5 kB	0.0.0.0
www.google.com	7	1997-09-15	2015-05-10	2025-04-09	455 B	145 kB	142.250.178.36
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2025-04-09	1.0 kB	2.0 kB	142.250.178.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-11 00:53:49	low	Client IP	103.224.182.210	ET INFO HTTP Request to a *.zip Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	syndicatedsearch.goog/adsense/domains/caf.js	ScriptElement	144 kB	2025-04-08	2025-04-17
Pretty URL syndicatedsearch.goog/adsense/domains/caf.js IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-08 18:44 Last Seen2025-04-17 13:05 Times Seen653 Hash f267cc78e0c1cc8d90841eda54c2e5de 8d704a7f3d8ce8f9fa04477fc29d917111a081c4 34b1ae29f010cbe8b62ef562af04f6b86924f4747ddaedc3ea2ce4a8dc948f6c Loading...

	ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b	ScriptElement	453 B	2025-04-11	2025-04-11
Pretty URL ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b IP 199.59.243.228 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-11 00:54 Last Seen2025-04-11 00:54 Times Seen1 Hash 608a9e60c5561eadfec141ac3ab9b32d 724221f20cf2d05c029a7e3078d8560919b53d91 df9a3d2e52a5c8364f264d94095abfc454f5c6d262bec2db860fe734d8688a91 Loading...

	ww25.securityhealthsetup.zip/bNZXdlkxs.js	ScriptElement	36 kB	2025-04-09	2025-04-15
Pretty URL ww25.securityhealthsetup.zip/bNZXdlkxs.js IP 199.59.243.228 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 20:33 Last Seen2025-04-15 11:02 Times Seen53 Hash 8dfe4431aa4fcd959f5be19347251c61 b497dc70b2c757b2ea61ecd5f9bba57a9668a215 a29f00644f70e058e413930d0aefcdfb834333ef54a072475f724f2e687e230e Loading...

	www.google.com/adsense/domains/caf.js?abp=1&bodis=true	ScriptElement	144 kB	2025-04-10	2025-04-18
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP 142.250.178.36 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-10 12:16 Last Seen2025-04-18 12:53 Times Seen685 Hash 794c67103253d5aad23d6a19cfd9aa74 43db340ba686f111750df671b2f1566546b12fc4 3c59ed7b8ccc7fcb011f425a9db3450b0302af351d26aab6130b7d6b838aadfc Loading...

	syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b	ScriptElement	584 B	2025-04-11	2025-04-11
Pretty URL syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-11 00:54 Last Seen2025-04-11 00:54 Times Seen1 Hash 81ce9b8c47c334d3317d8abc46b7db07 e035bf0581bf2a9d4fe92822a58af7b80faba3f4 1859210749baacea8912a02a75b753eff6bbd48f8d9453c67c47ae85b865dfe5 Loading...

HTTP Transactions (13)

URL IP Response Size

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.178.97

200 OK

200 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.178.97:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint85:BF:6A:5F:09:9C:AA:F5:8D:3B:2E:65:D1:16:4F:7F:03:2D:A8:DD
ValidityThu, 20 Mar 2025 11:19:41 GMT - Thu, 12 Jun 2025 11:19:40 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Apr 2025 20:23:32 GMT
expires: Fri, 11 Apr 2025 19:23:32 GMT
cache-control: public, max-age=82800
age: 16219
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ww25.securityhealthsetup.zip/bNZXdlkxs.js

199.59.243.228

200 OK

36 kB

URL GET
ww25.securityhealthsetup.zip/bNZXdlkxs.js
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Requested by
https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerLet's Encrypt
Subjectww25.securityhealthsetup.zip
FingerprintE5:6D:6F:D6:FB:83:FB:05:1F:2E:22:32:A3:3C:F2:34:F8:BE:3B:E8
ValidityTue, 28 Jan 2025 07:27:44 GMT - Mon, 28 Apr 2025 07:27:43 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (36489)
Size
36 kB (36492 bytes)
Hash
8dfe4431aa4fcd959f5be19347251c61
b497dc70b2c757b2ea61ecd5f9bba57a9668a215
a29f00644f70e058e413930d0aefcdfb834333ef54a072475f724f2e687e230e

HTTP Headers

GET /bNZXdlkxs.js HTTP/1.1
Host: ww25.securityhealthsetup.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Cookie: parking_session=081b3f9e-c396-4aaf-9b80-2c8f95460e66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 11 Apr 2025 00:53:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 36492
X-Request-Id: 6353dda1-0fd0-47d8-a57b-4d5614b62f36
Set-Cookie: parking_session=081b3f9e-c396-4aaf-9b80-2c8f95460e66; expires=Fri, 11 Apr 2025 01:08:50 GMT
Connection: close

syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b

216.58.207.238

200 OK

14 kB

URL GET
syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (13286)
Size
14 kB (13816 bytes)
Hash
21edd066217d82f298390486c54883d2
909e7d4676bc1a89f1b06931cb95372111d98c36
886cb8f3c3453aea8622fd6965679043aa8d36856227756b3d2db470a53f9261

HTTP Headers

GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.securityhealthsetup.zip/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Fri, 11 Apr 2025 00:53:51 GMT
expires: Fri, 11 Apr 2025 00:53:51 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zjPXVsy93Tb_0NDEoUrpzg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=k02i5nnixgkr&cd_fexp=72717108&aqid=H2j4Z6edEsG4iM0Pr7edgQs&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=744711979&csala=7%7C0%7C449%7C77%7C16&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=k02i5nnixgkr&cd_fexp=72717108&aqid=H2j4Z6edEsG4iM0Pr7edgQs&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=744711979&csala=7%7C0%7C449%7C77%7C16&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=k02i5nnixgkr&cd_fexp=72717108&aqid=H2j4Z6edEsG4iM0Pr7edgQs&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=744711979&csala=7%7C0%7C449%7C77%7C16&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.securityhealthsetup.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
x-content-security-policy-report-only: default-src https: data:; options eval-script inline-script; report-uri /csp_report; referrer origin
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_bkoTw7rWZ0Upf5FLcuXzA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Fri, 11 Apr 2025 00:53:53 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

securityhealthsetup.zip/

0.0.0.0

0 B

URL User Request GET
securityhealthsetup.zip/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: securityhealthsetup.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.google.com/adsense/domains/caf.js?abp=1&bodis=true

142.250.178.36

200 OK

144 kB

URL GET
www.google.com/adsense/domains/caf.js?abp=1&bodis=true
IP
142.250.178.36:443
ASN
#15169 GOOGLE

Requested by
https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint40:5C:81:99:DA:01:36:FE:E4:60:2B:67:51:3D:C2:62:8D:9A:38:47
ValidityThu, 20 Mar 2025 11:20:31 GMT - Thu, 12 Jun 2025 11:20:30 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
144 kB (144072 bytes)
Hash
794c67103253d5aad23d6a19cfd9aa74
43db340ba686f111750df671b2f1566546b12fc4
3c59ed7b8ccc7fcb011f425a9db3450b0302af351d26aab6130b7d6b838aadfc

HTTP Headers

GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.securityhealthsetup.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 11 Apr 2025 00:53:50 GMT
expires: Fri, 11 Apr 2025 00:53:50 GMT
cache-control: private, max-age=3600
etag: "13794752104379595604"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

142.250.178.97

200 OK

200 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
IP
142.250.178.97:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint85:BF:6A:5F:09:9C:AA:F5:8D:3B:2E:65:D1:16:4F:7F:03:2D:A8:DD
ValidityThu, 20 Mar 2025 11:19:41 GMT - Thu, 12 Jun 2025 11:19:40 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
d47125b2ba92be53dcff07ba322ce1de
e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Apr 2025 21:33:54 GMT
expires: Fri, 11 Apr 2025 20:33:54 GMT
cache-control: public, max-age=82800
age: 11997
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ww25.securityhealthsetup.zip/_tr

199.59.243.228

200 OK

2 B

URL POST
ww25.securityhealthsetup.zip/_tr
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Requested by
https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerLet's Encrypt
Subjectww25.securityhealthsetup.zip
FingerprintE5:6D:6F:D6:FB:83:FB:05:1F:2E:22:32:A3:3C:F2:34:F8:BE:3B:E8
ValidityTue, 28 Jan 2025 07:27:44 GMT - Mon, 28 Apr 2025 07:27:43 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /_tr HTTP/1.1
Host: ww25.securityhealthsetup.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Content-Type: application/json
Content-Length: 2045
Origin: https://ww25.securityhealthsetup.zip
DNT: 1
Connection: keep-alive
Cookie: parking_session=081b3f9e-c396-4aaf-9b80-2c8f95460e66
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 11 Apr 2025 00:53:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
X-Request-Id: 5c339b3d-7153-4048-b920-0064c2a9a7b9
Set-Cookie: parking_session=081b3f9e-c396-4aaf-9b80-2c8f95460e66; expires=Fri, 11 Apr 2025 01:08:51 GMT
Connection: close

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=rbunt6e2hice&cd_fexp=72717108&aqid=H2j4Z6edEsG4iM0Pr7edgQs&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=744711979&csala=7%7C0%7C449%7C77%7C16&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=rbunt6e2hice&cd_fexp=72717108&aqid=H2j4Z6edEsG4iM0Pr7edgQs&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=744711979&csala=7%7C0%7C449%7C77%7C16&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=rbunt6e2hice&cd_fexp=72717108&aqid=H2j4Z6edEsG4iM0Pr7edgQs&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=744711979&csala=7%7C0%7C449%7C77%7C16&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.securityhealthsetup.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Rmx6-nGVOeyZX9quQdWSdA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Fri, 11 Apr 2025 00:53:53 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

securityhealthsetup.zip/

103.224.182.210

302 Found

1.2 kB

URL User Request GET
securityhealthsetup.zip/
IP
103.224.182.210:80
ASN
#133618 Trellian Pty. Limited

File type

Size
1.2 kB (1202 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: securityhealthsetup.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
date: Fri, 11 Apr 2025 00:53:49 GMT
server: Apache
set-cookie: __tad=1744332829.1180974; expires=Mon, 09-Apr-2035 00:53:49 GMT; Max-Age=315360000
location: http://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
content-length: 2
content-type: text/html; charset=UTF-8
connection: close

ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b

199.59.243.228

200 OK

1.2 kB

URL User Request GET
ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectww25.securityhealthsetup.zip
FingerprintE5:6D:6F:D6:FB:83:FB:05:1F:2E:22:32:A3:3C:F2:34:F8:BE:3B:E8
ValidityTue, 28 Jan 2025 07:27:44 GMT - Mon, 28 Apr 2025 07:27:43 GMT

File type
HTML document, ASCII text, with very long lines (470)
Size
1.2 kB (1202 bytes)
Hash
e6be218a641b646e59c6613c8ec4b52f
a7abca0d7608e1357ce8fc3627ee9a6c11ffd92a
0a8b2ad3e34998f6e12f0cd755bae349319ee090f47ac4ad10496618489d7e37

HTTP Headers

GET /?subid1=20250411-1053-49f1-8f10-30d4f7d5919b HTTP/1.1
Host: ww25.securityhealthsetup.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 11 Apr 2025 00:53:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1202
X-Request-Id: 081b3f9e-c396-4aaf-9b80-2c8f95460e66
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_evI9xjxz8XT9G/C86P72I6R9Aq4kBx5GJaq2202SQ7NnL+0pJwsTyxXQUSExbSwTxOV+oHrl/KVmuwUmrqq0Xg==
Set-Cookie: parking_session=081b3f9e-c396-4aaf-9b80-2c8f95460e66; expires=Fri, 11 Apr 2025 01:08:50 GMT; path=/
Connection: close

ww25.securityhealthsetup.zip/_fd?subid1=20250411-1053-49f1-8f10-30d4f7d5919b

199.59.243.228

200 OK

5.2 kB

URL POST
ww25.securityhealthsetup.zip/_fd?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Requested by
https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerLet's Encrypt
Subjectww25.securityhealthsetup.zip
FingerprintE5:6D:6F:D6:FB:83:FB:05:1F:2E:22:32:A3:3C:F2:34:F8:BE:3B:E8
ValidityTue, 28 Jan 2025 07:27:44 GMT - Mon, 28 Apr 2025 07:27:43 GMT

File type
ASCII text, with very long lines (5245), with no line terminators
Size
5.2 kB (5245 bytes)
Hash
813bdea8bedecb4eb9851a2fa4406de8
87e6ebf96ccf6383661487d33552aadb55522c7b
e741428258d7c29791ba417106964a3c64f9118dded649b40c8b71bfee633b86

HTTP Headers

POST /_fd?subid1=20250411-1053-49f1-8f10-30d4f7d5919b HTTP/1.1
Host: ww25.securityhealthsetup.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.securityhealthsetup.zip/?subid1=20250411-1053-49f1-8f10-30d4f7d5919b
Content-Type: application/json
Origin: https://ww25.securityhealthsetup.zip
DNT: 1
Connection: keep-alive
Cookie: parking_session=081b3f9e-c396-4aaf-9b80-2c8f95460e66
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Fri, 11 Apr 2025 00:53:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5245
X-Request-Id: 2f201e34-72a0-4a9c-bc45-a8335290c9ea
Set-Cookie: parking_session=081b3f9e-c396-4aaf-9b80-2c8f95460e66; expires=Fri, 11 Apr 2025 01:08:50 GMT
Connection: close

syndicatedsearch.goog/adsense/domains/caf.js

216.58.207.238

200 OK

144 kB

URL GET
syndicatedsearch.goog/adsense/domains/caf.js
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol100%2Cpid-bodis-gcontrol403%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250411-1053-49f1-8f10-30d4f7d5919b&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=2311744332831100&num=0&output=afd_ads&domain_name=ww25.securityhealthsetup.zip&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1744332831103&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=744711979&rurl=https%3A%2F%2Fww25.securityhealthsetup.zip%2F%3Fsubid1%3D20250411-1053-49f1-8f10-30d4f7d5919b
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint40:28:84:65:00:64:ED:A3:1A:C2:1B:45:AA:96:A6:16:CA:BD:37:41
ValidityThu, 20 Mar 2025 11:21:50 GMT - Thu, 12 Jun 2025 11:21:49 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
144 kB (144079 bytes)
Hash
f267cc78e0c1cc8d90841eda54c2e5de
8d704a7f3d8ce8f9fa04477fc29d917111a081c4
34b1ae29f010cbe8b62ef562af04f6b86924f4747ddaedc3ea2ce4a8dc948f6c

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 11 Apr 2025 00:53:51 GMT
expires: Fri, 11 Apr 2025 00:53:51 GMT
cache-control: private, max-age=3600
etag: "16637348433415361788"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate