Report - ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde

Report Overview

Visited public
2023-12-04 21:44:43
Tags
Submit Tags
URL
ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde
Finishing URL
ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde
IP / ASN
199.59.243.225
#16509 AMAZON-02
Title
Ibc4d.cc

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ww25.ibc4d.cc	unknown	unknown	No data	No data	2.0 kB	38 kB	199.59.243.225
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	3.5 kB	117 kB	142.250.74.100
afs.googleusercontent.com	12123	2008-11-17	2013-05-06 21:11:00	2023-12-04 05:11:59	1.0 kB	2.1 kB	142.250.74.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-04 21:44:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-04 21:44:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	www.google.com/adsense/domains/caf.js	ScriptElement	150 kB	2023-11-09	2024-08-20
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-09 14:10 Last Seen2024-08-20 20:17 Times Seen2217 Hash 8a76c49bbeb49fa874cb415fe2b10d0c 76de9796dbe01e64d77fccd00d0b19cf382493b8 a1f85a8b9c0ae7e01a01780b44c447ebbadb5d856c6ff826e2cd9fe19f15135f Loading...

	www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde	ScriptElement	659 B	2024-08-20	2024-08-20
Pretty URL www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:46 Last Seen2024-08-20 16:46 Times Seen1 Hash 87656122d7267adbe9dc093bc39dfd13 bddd783a929a786c1c233236487c7e14d80d4cc5 838bc2f5e07fc244b8750de221e70e4c135945980d3f743d1797a748eac9f6e2 Loading...

	www.google.com/adsense/domains/caf.js	ScriptElement	150 kB	2023-11-08	2024-08-20
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 15:49 Last Seen2024-08-20 20:24 Times Seen502 Hash f042887909710712d03d43beea6c947b 71d780acc2e3f4fbc27ad9cb928cd86c9504a336 616e207f56a08512d063276aca47feb1f2e34a9b1890fe7eb104c04bdf022508 Loading...

	ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde	ScriptElement	415 B	2024-08-20	2024-08-20
Pretty URL ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde IP 199.59.243.225 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:46 Last Seen2024-08-20 16:46 Times Seen1 Hash 2dda025d7ff9bf5f1777c84d99d02567 88a0e7a92529fa48a4075a610fda1970c3c98833 682d9148ed022abea761e72fd83d7ef526171de60fa5db60edbc9f3e7f4022ab Loading...

	ww25.ibc4d.cc/bzzjTPIUE.js	ScriptElement	32 kB	2023-11-14	2024-08-20
Pretty URL ww25.ibc4d.cc/bzzjTPIUE.js IP 199.59.243.225 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 16:51 Last Seen2024-08-20 19:38 Times Seen5630 Hash 136bc91b923c115f678c13f3740bf8fa d8044de6e6a8b05f087f9fb73545d5b2e9666d61 46e2c2af87720b7ae5a86434547bd9bef9ff21fab2956b64bc48f17dc73c63a7 Loading...

HTTP Transactions (11)

	URL	IP	Response	Size
	GET ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde	199.59.243.225		1.1 kB
URL User Request GET ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde IP 199.59.243.225:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430) Size 1.1 kB (1133 bytes) Hash 1f31168ffb1497e4c60c489d831cb44d ea144741bbf8a59d753f18a6529c9c311b8db122 092544a551179d320e1f34e207e24c56f7793cd8c49eadb7184ba68589db1202 HTTP Headers `GET /?subid1=20231205-0844-068f-b6a8-844c5e0e6bde HTTP/1.1 Host: ww25.ibc4d.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK date: Mon, 04 Dec 2023 21:44:26 GMT content-type: text/html; charset=utf-8 content-length: 1133 x-request-id: 1596161a-ceb2-474f-9597-7e9f8f2811d7 cache-control: no-store, max-age=0 accept-ch: sec-ch-prefers-color-scheme critical-ch: sec-ch-prefers-color-scheme vary: sec-ch-prefers-color-scheme x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xsPAIcnWuUDx/ocDU2j2z1bIX5o/jl6ZGQOGPZBc6I4l14sCb0h34LMxxX3INucOZjHES1S2jO4VXDJ8m3N+5A== set-cookie: parking_session=1596161a-ceb2-474f-9597-7e9f8f2811d7; expires=Mon, 04 Dec 2023 21:59:26 GMT; path=/

	GET ww25.ibc4d.cc/bzzjTPIUE.js	199.59.243.225	200 OK	32 kB
URL GET HTTP/1.1 ww25.ibc4d.cc/bzzjTPIUE.js IP 199.59.243.225:80 ASN #16509 AMAZON-02 Requested by http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde File type Unicode text, UTF-8 text, with very long lines (32051) Size 32 kB (32054 bytes) Hash 136bc91b923c115f678c13f3740bf8fa d8044de6e6a8b05f087f9fb73545d5b2e9666d61 46e2c2af87720b7ae5a86434547bd9bef9ff21fab2956b64bc48f17dc73c63a7 HTTP Headers `GET /bzzjTPIUE.js HTTP/1.1 Host: ww25.ibc4d.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde Cookie: parking_session=1596161a-ceb2-474f-9597-7e9f8f2811d7 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK date: Mon, 04 Dec 2023 21:44:25 GMT content-type: application/javascript; charset=utf-8 content-length: 32054 x-request-id: 0916809c-641d-4c8e-ac62-32f09c07c2a3 set-cookie: parking_session=1596161a-ceb2-474f-9597-7e9f8f2811d7; expires=Mon, 04 Dec 2023 21:59:26 GMT`

	POST ww25.ibc4d.cc/_fd?subid1=20231205-0844-068f-b6a8-844c5e0e6bde	199.59.243.225	200 OK	2.5 kB
URL POST HTTP/1.1 ww25.ibc4d.cc/_fd?subid1=20231205-0844-068f-b6a8-844c5e0e6bde IP 199.59.243.225:80 ASN #16509 AMAZON-02 Requested by http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde File type ASCII text, with very long lines (4789), with no line terminators Size 2.5 kB (2547 bytes) Hash 9551bd0307398c6ed0b849c4a759f9a8 a95bf8f2b099589b7e3aa51727536a75d556896f b1379352095282e993c0ca4f47d3691754de0f3593bf304919fd750aac25ad32 HTTP Headers POST /_fd?subid1=20231205-0844-068f-b6a8-844c5e0e6bde HTTP/1.1 Host: ww25.ibc4d.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde Content-Type: application/json Origin: http://ww25.ibc4d.cc DNT: 1 Connection: keep-alive Cookie: parking_session=1596161a-ceb2-474f-9597-7e9f8f2811d7 Pragma: no-cache Cache-Control: no-cache Content-Length: 0 `HTTP/1.1 200 OK server: openresty date: Mon, 04 Dec 2023 21:44:26 GMT content-type: text/html; charset=UTF-8 content-encoding: gzip content-length: 2547 x-version: 2.110.4 expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache set-cookie: parking_session=1596161a-ceb2-474f-9597-7e9f8f2811d7; expires=Mon, 04 Dec 2023 21:59:26 GMT; Max-Age=900; path=/; httponly`

	GET www.google.com/adsense/domains/caf.js	142.250.74.100	200 OK	55 kB
URL GET HTTP/3 www.google.com/adsense/domains/caf.js IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type gzip compressed data, max compression\012- data Size 55 kB (54827 bytes) Hash 1b7103fd76274e7d9e82e1f559b9ad9d 6f17c0e6f2ceb79ea4f779453a03a34aa7db90a5 c9d50779d910d66a9f4be8507eaa528f1f4c4b83e0a6bcb5b7d57a62f9f7c137 HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww25.ibc4d.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Mon, 04 Dec 2023 21:44:26 GMT expires: Mon, 04 Dec 2023 21:44:26 GMT cache-control: private, max-age=3600 etag: "3100330882123301848" x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde	142.250.74.100	200 OK	2.6 kB
URL GET HTTP/3 www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13094) Size 2.6 kB (2564 bytes) Hash e3b7cd27b0dcb7c88273c48a1fe26c7b c1ee690c5f5c46f40ce215fdbf0706238c18a4ea 9458c3d3b2f93aea96ae0ea050ea7c46c9ee8d29c5b3a705b9c1a3786c313f8e HTTP Headers GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww25.ibc4d.cc/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Mon, 04 Dec 2023 21:44:27 GMT expires: Mon, 04 Dec 2023 21:44:27 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hKhtPDOJeXVk0WPiR6Kvpw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 2564 x-xss-protection: 0 set-cookie: CONSENT=PENDING+000; expires=Wed, 03-Dec-2025 21:44:27 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	POST ww25.ibc4d.cc/_tr	199.59.243.225	200 OK	22 B
URL POST HTTP/1.1 ww25.ibc4d.cc/_tr IP 199.59.243.225:80 ASN #16509 AMAZON-02 Requested by http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde File type ASCII text, with no line terminators Size 22 B (22 bytes) Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df HTTP Headers POST /_tr HTTP/1.1 Host: ww25.ibc4d.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde Content-Type: application/json Content-Length: 1721 Origin: http://ww25.ibc4d.cc DNT: 1 Connection: keep-alive Cookie: parking_session=1596161a-ceb2-474f-9597-7e9f8f2811d7 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK server: openresty date: Mon, 04 Dec 2023 21:44:27 GMT content-type: text/html; charset=UTF-8 content-encoding: gzip content-length: 22 x-version: 2.110.4 expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache set-cookie: parking_session=1596161a-ceb2-474f-9597-7e9f8f2811d7; expires=Mon, 04 Dec 2023 21:59:27 GMT; Max-Age=900; path=/; httponly`

	GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff	142.250.74.97	200 OK	278 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306) Size 278 B (278 bytes) Hash fe7dd8c3c629cc6e9cd6d3e4d3cbe905 59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18 5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e HTTP Headers `GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 278 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 04 Dec 2023 02:30:27 GMT expires: Tue, 05 Dec 2023 01:30:27 GMT cache-control: public, max-age=82800 age: 69240 last-modified: Tue, 27 Jun 2023 17:28:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.google.com/adsense/domains/caf.js	142.250.74.100	200 OK	54 kB
URL GET HTTP/3 www.google.com/adsense/domains/caf.js IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type ASCII text, with very long lines (1888) Size 54 kB (54515 bytes) Hash d20b5e07644f1c6868e2ce6cf32abaa7 66adebfdd8693587c4ed1cff1c9eb782ccd29afd 037bf94e96ca193c590f928999b44fec67d9b622caeb378567027ceba1e5370a HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Mon, 04 Dec 2023 21:44:27 GMT expires: Mon, 04 Dec 2023 21:44:27 GMT cache-control: private, max-age=3600 etag: "17475542206741012606" x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=dglxneipzx67&aqid=O0huZYmFBquExdwPq8OW6A8&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=579967862&csala=8%7C0%7C387%7C92%7C16&lle=0&ifv=1&hpt=0	142.250.74.100	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=dglxneipzx67&aqid=O0huZYmFBquExdwPq8OW6A8&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=579967862&csala=8%7C0%7C387%7C92%7C16&lle=0&ifv=1&hpt=0 IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=dglxneipzx67&aqid=O0huZYmFBquExdwPq8OW6A8&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=579967862&csala=8%7C0%7C387%7C92%7C16&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww25.ibc4d.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-xB_Dt8tM_ewKAe1tWO4oIA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Mon, 04 Dec 2023 21:44:29 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=ZYuLwPtOK96mggMzsuoLAOcULI90FmBCD4Q9gUJ5fTPW7Fb1fT5Enif9OqQKUBPAtBMAET3HtS6W3LUiS43CtUCKvLh54s88Q5S0Dn6izoRQH3yMGDm3RFWOMqMGd7GYv3I6aepA5vHHQLTsAfvf-JB2z-yNZxPnsvCs1d-lCcA; expires=Tue, 04-Jun-2024 21:44:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+061; expires=Wed, 03-Dec-2025 21:44:29 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=w0xrhqunbi3j&aqid=O0huZYmFBquExdwPq8OW6A8&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=579967862&csala=8%7C0%7C387%7C92%7C16&lle=0&ifv=1&hpt=0	142.250.74.100	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=w0xrhqunbi3j&aqid=O0huZYmFBquExdwPq8OW6A8&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=579967862&csala=8%7C0%7C387%7C92%7C16&lle=0&ifv=1&hpt=0 IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by http://ww25.ibc4d.cc/?subid1=20231205-0844-068f-b6a8-844c5e0e6bde Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=w0xrhqunbi3j&aqid=O0huZYmFBquExdwPq8OW6A8&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=579967862&csala=8%7C0%7C387%7C92%7C16&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww25.ibc4d.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ZngS7Pfmt_fkJ4Ecuqr6dQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Mon, 04 Dec 2023 21:44:29 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=ds6JqmVyQtAsOEOZwBcg34wxkbm60re2JRG8_HysqASa9uckNBWGKlq1txY3gT0Mloq1_1Klt8jZI0WkVxL_UwZOkT4vezwvs613NMib1o0cMzVY_zeLtYLlCDTodqHxCgxEWuruaZNgXTyovGAAEw1XQ86YHZy6H98GDlqbYWU; expires=Tue, 04-Jun-2024 21:44:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+660; expires=Wed, 03-Dec-2025 21:44:29 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b	142.250.74.97	200 OK	200 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol486&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.ibc4d.cc%3Fcaf%26subid1%3D20231205-0844-068f-b6a8-844c5e0e6bde&terms=slot%20gacor&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r3&nocache=8271701726272714&num=0&output=afd_ads&domain_name=ww25.ibc4d.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701726272715&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww25.ibc4d.cc%2F%3Fsubid1%3D20231205-0844-068f-b6a8-844c5e0e6bde Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 200 B (200 bytes) Hash e81eb30a6c5589e7f39436e40b400822 ca2513ede010b3db00099335b809ca693c2cd65c 055ae1fef3be182534069c718e2dc0ab07d7464bcc3ded19553da07d37333657 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 04 Dec 2023 07:40:52 GMT expires: Tue, 05 Dec 2023 06:40:52 GMT cache-control: public, max-age=82800 age: 50615 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL POST HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash