Report - ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529

Report Overview

Visited public
2024-12-12 12:40:41
Tags
URL
ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Finishing URL
ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
IP / ASN
199.59.243.227
#16509 AMAZON-02
Title
przvgke.biz

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2024-12-11	991 B	2.1 kB	142.250.74.97
parking3.parklogic.com	unknown	2007-02-28	2023-05-10	2024-12-11	1.0 kB	2.7 kB	170.187.143.93
www.google.com	7	1997-09-15	2015-05-10	2024-12-11	430 B	148 kB	142.250.74.164
ww7.przvgke.biz	unknown	2022-01-11	2024-02-21	2024-12-08	2.2 kB	44 kB	199.59.243.227
syndicatedsearch.goog	unknown	2023-04-14	2023-09-25	2024-12-11	3.1 kB	59 kB	142.250.74.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-12	medium	przvgke.biz	Sinkholed
2024-12-12	medium	przvgke.biz	Sinkholed
2024-12-12	medium	przvgke.biz	Sinkholed
2024-12-12	medium	przvgke.biz	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	ww7.przvgke.biz/bcizbfppJ.js	ScriptElement	35 kB	2024-12-06	2025-01-23
Pretty URL ww7.przvgke.biz/bcizbfppJ.js IP 199.59.243.227 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-06 19:34 Last Seen2025-01-23 17:08 Times Seen3027 Hash 4150be91c2a3cfe950ecd06dfda28bd6 aec65ee382f38ad6e2d4d6f35bbef215b97421b8 a5b590c1b46928f9679900f4943c4caa3cab59fe7ba28645f21c20331ebeb4e6 Loading...

	www.google.com/adsense/domains/caf.js?abp=1&bodis=true	ScriptElement	147 kB	2024-12-11	2024-12-12
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-11 15:10 Last Seen2024-12-12 23:13 Times Seen91 Hash 09b3433c9054e1c2de8a2ddc9efeb697 4809c0de53835790710b56f2f398a20514c06a5d 6356bbaa75a953d430577cd24f1679aa626e8e8a5ebf1bd43ad45ef66a8025f3 Loading...

	syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529	ScriptElement	610 B	2024-12-12	2024-12-12
Pretty URL syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529 IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-12 12:40 Last Seen2024-12-12 12:40 Times Seen1 Hash 717dec9fea656f5dd8ef856917b76dbb a64c4827b9eaf86190614e15ea45aca5e6395fe7 b8e8d9068f7665037de446217bedbf0b16c43261ff46bbf75eff07a6387c3437 Loading...

	syndicatedsearch.goog/adsense/domains/caf.js	ScriptElement	147 kB	2024-12-05	2024-12-12
Pretty URL syndicatedsearch.goog/adsense/domains/caf.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 20:53 Last Seen2024-12-12 18:05 Times Seen290 Hash 048f54852d65b9eea6941b842fa64016 a5d222c492fb9ebd22a376c05d0c5e44e2bae025 f38fea1f39505db87438f2e7be2c6dc435f5ee7c335e7662ff37bf358df2a791 Loading...

	parking3.parklogic.com/page/enhance.js?pcId=7&&domain=przvgke.biz	ScriptElement	2.3 kB	2024-12-12	2025-03-31
Pretty URL parking3.parklogic.com/page/enhance.js?pcId=7&&domain=przvgke.biz IP 170.187.143.93 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 04:07 Last Seen2025-03-31 00:44 Times Seen204 Hash 970b3d918ec4f329aad632ff5f0cc7b1 8d52ba38def75fa2d4630b86112f2dbdfb365c2c 967102fbf118986987aa73aa927db0163273f0dd1bd449ab905df766998c4312 Loading...

	ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529	ScriptElement	395 B	2024-12-12	2024-12-12
Pretty URL ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529 IP 199.59.243.227 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-12 12:40 Last Seen2024-12-12 12:40 Times Seen1 Hash affce7c89fe29712cf709596b74338a3 4d20d6e70177eb67eb406eefb49f8379bfd896fb 3789c96f57e3648067767b89f5d5b0a45154f956da02e116ebb4a3c3d62f846f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6a4435c5df6c8a44e8f871be2d8db6df	411 B	2024-05-02 21:46	2025-06-13 15:35
Pretty Observations First Seen2024-05-02 21:46 Last Seen2025-06-13 15:35 Times Seen3379 Hash 6a4435c5df6c8a44e8f871be2d8db6df dd30da12047c2ea2b12e124b6cd43540e358aa79 f79e97fee9b4881f8fa95aa2033819020eca0e597a94dce1976fcae392397b0a Loading...

		Size	First Seen	Last Seen
	#1 Write - af99d8a27f733d365f3871f9fde23435	177 B	2024-05-02 23:23	2025-06-12 07:51
Pretty Observations First Seen2024-05-02 23:23 Last Seen2025-06-12 07:51 Times Seen832 Hash af99d8a27f733d365f3871f9fde23435 b96a718591f65396dd16591d33ef4033712fe0c5 b90c272e72db1894b64149c336abfd6c06f64814603d2763b9a3cf704dba598a Loading...

HTTP Transactions (13)

URL IP Response Size

ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529

199.59.243.227

200 OK

1.1 kB

URL User Request GET HTTP/1.1
ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
IP
199.59.243.227:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectww7.przvgke.biz
Fingerprint98:45:A0:08:FA:FC:D5:74:52:73:80:79:82:7E:78:6C:36:FF:6C:67
ValidityFri, 01 Nov 2024 13:25:59 GMT - Thu, 30 Jan 2025 13:25:58 GMT

File type
HTML document, ASCII text, with very long lines (410)
Size
1.1 kB (1142 bytes)
Hash
54c0dae37886160db4999f9841b5b795
29af1caa26110b22f7289b8f1ccd118de68cf570
a10d6bad6076fb218710c4eb4ba36025f0e0cbb69e75ee80191e012eb81bf3a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tlkmdvfxym?usid=24&utid=9485029529 HTTP/1.1
Host: ww7.przvgke.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 12 Dec 2024 12:40:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1142
X-Request-Id: bf3f0a6e-37f4-40f7-b215-9c6ee946a97e
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_ifEWB8+NFDRlfvR49Y/LxZ1B0jYeD4XYNOnNNpAi87a0n5EWVSswFW6L/7wecQJxuTrPspL8WS4QZnN4B5rtpw==
Set-Cookie: parking_session=bf3f0a6e-37f4-40f7-b215-9c6ee946a97e; expires=Thu, 12 Dec 2024 12:55:16 GMT; path=/
Connection: close

ww7.przvgke.biz/bcizbfppJ.js

199.59.243.227

200 OK

35 kB

URL GET HTTP/1.1
ww7.przvgke.biz/bcizbfppJ.js
IP
199.59.243.227:443
ASN
#16509 AMAZON-02

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerLet's Encrypt
Subjectww7.przvgke.biz
Fingerprint98:45:A0:08:FA:FC:D5:74:52:73:80:79:82:7E:78:6C:36:FF:6C:67
ValidityFri, 01 Nov 2024 13:25:59 GMT - Thu, 30 Jan 2025 13:25:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (35078)
Size
35 kB (35081 bytes)
Hash
4150be91c2a3cfe950ecd06dfda28bd6
aec65ee382f38ad6e2d4d6f35bbef215b97421b8
a5b590c1b46928f9679900f4943c4caa3cab59fe7ba28645f21c20331ebeb4e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bcizbfppJ.js HTTP/1.1
Host: ww7.przvgke.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Cookie: parking_session=bf3f0a6e-37f4-40f7-b215-9c6ee946a97e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 12 Dec 2024 12:40:16 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 35081
X-Request-Id: 717b9838-2ce3-4ada-8045-4a2384a3924e
Set-Cookie: parking_session=bf3f0a6e-37f4-40f7-b215-9c6ee946a97e; expires=Thu, 12 Dec 2024 12:55:16 GMT
Connection: close

ww7.przvgke.biz/_fd?usid=24&utid=9485029529

199.59.243.227

200 OK

6.3 kB

URL POST HTTP/1.1
ww7.przvgke.biz/_fd?usid=24&utid=9485029529
IP
199.59.243.227:443
ASN
#16509 AMAZON-02

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerLet's Encrypt
Subjectww7.przvgke.biz
Fingerprint98:45:A0:08:FA:FC:D5:74:52:73:80:79:82:7E:78:6C:36:FF:6C:67
ValidityFri, 01 Nov 2024 13:25:59 GMT - Thu, 30 Jan 2025 13:25:58 GMT

File type
ASCII text, with very long lines (6349), with no line terminators
Size
6.3 kB (6349 bytes)
Hash
ac40cca34b44bd41072fdde8155283fc
5785e62da67a92204267c2835ea51e33f6d48f1a
5149cfcbe929772549046023f5705b42d474b38a1ae17d04c6a51cfae820723c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_fd?usid=24&utid=9485029529 HTTP/1.1
Host: ww7.przvgke.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Content-Type: application/json
Origin: https://ww7.przvgke.biz
DNT: 1
Connection: keep-alive
Cookie: parking_session=bf3f0a6e-37f4-40f7-b215-9c6ee946a97e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 12 Dec 2024 12:40:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 6349
X-Request-Id: 39bef723-eb13-456e-8b8d-a58e8bfa7145
Set-Cookie: parking_session=bf3f0a6e-37f4-40f7-b215-9c6ee946a97e; expires=Thu, 12 Dec 2024 12:55:16 GMT
Connection: close

syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529

142.250.74.110

200 OK

2.7 kB

URL GET HTTP/2
syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8
ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT

File type
HTML document, ASCII text, with very long lines (13175)
Size
2.7 kB (2729 bytes)
Hash
a277585e8d926f8768d5e4736a2d9c03
f97a616c39f5ad63fbfecb04c203d1e8a124bb96
5ad19df267133792ff17a2a48d8647ee9cec890dc124fd9a2dd56f33721688ff

HTTP Headers

GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.przvgke.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 12 Dec 2024 12:40:17 GMT
expires: Thu, 12 Dec 2024 12:40:17 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hdPnNvy2SqSJPfNpAoK9RA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

142.250.74.97

200 OK

174 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint38:49:64:1C:E7:DB:46:FE:EB:37:6F:02:8A:1F:A4:10:71:7B:92:A0
ValidityMon, 04 Nov 2024 08:38:44 GMT - Mon, 27 Jan 2025 08:38:43 GMT

File type
SVG Scalable Vector Graphics image
Size
174 B (174 bytes)
Hash
d47125b2ba92be53dcff07ba322ce1de
e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Dec 2024 18:35:11 GMT
expires: Thu, 12 Dec 2024 17:35:11 GMT
cache-control: public, max-age=82800
age: 65106
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

142.250.74.97

200 OK

278 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint38:49:64:1C:E7:DB:46:FE:EB:37:6F:02:8A:1F:A4:10:71:7B:92:A0
ValidityMon, 04 Nov 2024 08:38:44 GMT - Mon, 27 Jan 2025 08:38:43 GMT

File type
SVG Scalable Vector Graphics image
Size
278 B (278 bytes)
Hash
fe7dd8c3c629cc6e9cd6d3e4d3cbe905
59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Dec 2024 14:48:45 GMT
expires: Thu, 12 Dec 2024 13:48:45 GMT
cache-control: public, max-age=82800
age: 78692
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ww7.przvgke.biz/_tr

199.59.243.227

200 OK

2 B

URL POST HTTP/1.1
ww7.przvgke.biz/_tr
IP
199.59.243.227:443
ASN
#16509 AMAZON-02

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerLet's Encrypt
Subjectww7.przvgke.biz
Fingerprint98:45:A0:08:FA:FC:D5:74:52:73:80:79:82:7E:78:6C:36:FF:6C:67
ValidityFri, 01 Nov 2024 13:25:59 GMT - Thu, 30 Jan 2025 13:25:58 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_tr HTTP/1.1
Host: ww7.przvgke.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Content-Type: application/json
Content-Length: 1973
Origin: https://ww7.przvgke.biz
DNT: 1
Connection: keep-alive
Cookie: parking_session=bf3f0a6e-37f4-40f7-b215-9c6ee946a97e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 12 Dec 2024 12:40:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
X-Request-Id: 6a5d5ea0-a08c-40bb-9bcd-249433516339
Set-Cookie: parking_session=bf3f0a6e-37f4-40f7-b215-9c6ee946a97e; expires=Thu, 12 Dec 2024 12:55:17 GMT
Connection: close

parking3.parklogic.com/page/enhance.js?pcId=7&&domain=przvgke.biz

170.187.143.93

200 OK

2.4 kB

URL GET HTTP/2
parking3.parklogic.com/page/enhance.js?pcId=7&&domain=przvgke.biz
IP
170.187.143.93:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerSectigo Limited
Subject*.parklogic.com
FingerprintA5:25:E3:1A:B4:C8:32:BD:0D:BA:C8:B4:19:22:F9:75:D4:D3:88:3F
ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT

File type
data
Size
2.4 kB (2351 bytes)
Hash
8e4b00e509d7e6c4fd4cbe645090f83a
074ea786dec0992c8d5146f7cc46c158dc8f1857
356796cba125025a176807ad2a821832d8a7251a83f38c92f1b7accc70e7bf32

HTTP Headers

GET /page/enhance.js?pcId=7&&domain=przvgke.biz HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.przvgke.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 12:40:17 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

syndicatedsearch.goog/adsense/domains/caf.js

142.250.74.110

200 OK

53 kB

URL GET HTTP/3
syndicatedsearch.goog/adsense/domains/caf.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol112%2Cpid-bodis-gcontrol450%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol160&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.przvgke.biz%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D24%26utid%3D9485029529&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2348603269777440&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301431%2C17301433%2C17301436%2C17301266%2C72717107&format=r3&nocache=2891734007217219&num=0&output=afd_ads&domain_name=ww7.przvgke.biz&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1734007217220&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=704712957&rurl=https%3A%2F%2Fww7.przvgke.biz%2Ftlkmdvfxym%3Fusid%3D24%26utid%3D9485029529
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8
ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1932)
Size
53 kB (53055 bytes)
Hash
048f54852d65b9eea6941b842fa64016
a5d222c492fb9ebd22a376c05d0c5e44e2bae025
f38fea1f39505db87438f2e7be2c6dc435f5ee7c335e7662ff37bf358df2a791

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 12 Dec 2024 12:40:17 GMT
expires: Thu, 12 Dec 2024 12:40:17 GMT
cache-control: private, max-age=3600
etag: "9281507903774293386"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=wprwdl7kny7c&aqid=sdlaZ7W9FeqhiM0PjN7UsQY&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=4%7C0%7C281%7C52%7C37&lle=0&ifv=1&hpt=0

142.250.74.110

204 No Content

0 B

URL GET HTTP/3
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=wprwdl7kny7c&aqid=sdlaZ7W9FeqhiM0PjN7UsQY&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=4%7C0%7C281%7C52%7C37&lle=0&ifv=1&hpt=0
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8
ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=wprwdl7kny7c&aqid=sdlaZ7W9FeqhiM0PjN7UsQY&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=4%7C0%7C281%7C52%7C37&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.przvgke.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PtQoQsSpdO8yi5hGS8VkAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 12 Dec 2024 12:40:19 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/adsense/domains/caf.js?abp=1&bodis=true

142.250.74.164

200 OK

147 kB

URL GET HTTP/2
www.google.com/adsense/domains/caf.js?abp=1&bodis=true
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintC1:EF:1D:9F:32:BB:31:2D:F3:08:D9:D6:97:9C:21:A1:A2:67:F9:C5
ValidityMon, 04 Nov 2024 08:39:37 GMT - Mon, 27 Jan 2025 08:39:36 GMT

File type
JavaScript source, ASCII text, with very long lines (1932)
Size
147 kB (146801 bytes)
Hash
09b3433c9054e1c2de8a2ddc9efeb697
4809c0de53835790710b56f2f398a20514c06a5d
6356bbaa75a953d430577cd24f1679aa626e8e8a5ebf1bd43ad45ef66a8025f3

HTTP Headers

GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.przvgke.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 12 Dec 2024 12:40:17 GMT
expires: Thu, 12 Dec 2024 12:40:17 GMT
cache-control: private, max-age=3600
etag: "739728714176830162"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

parking3.parklogic.com/page/scribe.php?pcId=7&domain=przvgke.biz&pId=2447&usid=24&utid=9485029529&query=null&domainJs=ww7.przvgke.biz&path=/tlkmdvfxym&ss=true&lp=1&tzB=UTC&wd=false&gpu=null

170.187.143.93

200 OK

0 B

URL GET HTTP/2
parking3.parklogic.com/page/scribe.php?pcId=7&domain=przvgke.biz&pId=2447&usid=24&utid=9485029529&query=null&domainJs=ww7.przvgke.biz&path=/tlkmdvfxym&ss=true&lp=1&tzB=UTC&wd=false&gpu=null
IP
170.187.143.93:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerSectigo Limited
Subject*.parklogic.com
FingerprintA5:25:E3:1A:B4:C8:32:BD:0D:BA:C8:B4:19:22:F9:75:D4:D3:88:3F
ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page/scribe.php?pcId=7&domain=przvgke.biz&pId=2447&usid=24&utid=9485029529&query=null&domainJs=ww7.przvgke.biz&path=/tlkmdvfxym&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.przvgke.biz/
Origin: https://ww7.przvgke.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Dec 2024 12:40:18 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=ek0if2pcebz&aqid=sdlaZ7W9FeqhiM0PjN7UsQY&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=4%7C0%7C281%7C52%7C37&lle=0&ifv=1&hpt=0

142.250.74.110

204 No Content

0 B

URL GET HTTP/3
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=ek0if2pcebz&aqid=sdlaZ7W9FeqhiM0PjN7UsQY&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=4%7C0%7C281%7C52%7C37&lle=0&ifv=1&hpt=0
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://ww7.przvgke.biz/tlkmdvfxym?usid=24&utid=9485029529
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
Fingerprint58:3D:9C:C1:AD:FF:DB:76:C6:A2:47:40:3C:B0:40:4D:0E:9E:28:A8
ValidityMon, 04 Nov 2024 08:40:55 GMT - Mon, 27 Jan 2025 08:40:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=ek0if2pcebz&aqid=sdlaZ7W9FeqhiM0PjN7UsQY&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=704712957&csala=4%7C0%7C281%7C52%7C37&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.przvgke.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-CFlp1FyfLbFcw620VS0BJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 12 Dec 2024 12:40:19 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (13)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL POST HTTP/1.1

IP