Report - ww38.mail.bettersalud.info/

Report Overview

Submitted URL
ww38.mail.bettersalud.info/
IP
199.115.115.102
ASN
#30633 LEASEWEB-USA-WDC
Submitted
2023-04-17 22:07:38
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
afs.googleusercontent.com	12123	2013-05-06	2023-04-17	967 B	2.1 kB	142.250.74.97
fonts.googleapis.com	8877	2013-06-10	2023-04-17	427 B	15 kB	142.250.74.106
fonts.gstatic.com	unknown	2014-09-09	2023-04-17	543 B	15 kB	142.250.74.3
ww38.mail.bettersalud.info	unknown	No data	No data	391 B	370 B	199.115.115.102
ww1.bettersalud.info	unknown	No data	No data	3.4 kB	29 kB	199.59.243.223
ocsp.pki.goog	175	2018-07-01	2023-04-17	3.3 kB	7.0 kB	142.250.74.131
www.google.com	7	2015-05-10	2023-04-17	3.5 kB	115 kB	142.250.74.132
partner.googleadservices.com	798	2012-10-03	2023-04-16	500 B	791 B	216.58.207.194

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-04-17	medium	ww38.mail.bettersalud.info/
2023-04-17	medium	ww1.bettersalud.info/
2023-04-17	medium	ww1.bettersalud.info/js/parking.2.104.1.js
2023-04-17	medium	ww1.bettersalud.info/_fd
2023-04-17	medium	ww1.bettersalud.info/_tr

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	ww1.bettersalud.info/	315 B	2023-04-18	2023-04-18
Pretty URL ww1.bettersalud.info/ IP 199.59.243.223 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 00:07:38 Last Seen2023-04-18 00:07:38 Times Seen1 Hash a70b8d859957ef1dc1b73c60ea8a0e6e 2291ddfffee8be26e52773367b64ac212a973053 1a8b4a8b1934b03be32e780885e616b35685e201021af3a8a1bd59abba33e597 Loading...

	ww1.bettersalud.info/js/parking.2.104.1.js	69 kB	2023-04-01	2023-04-19
Pretty URL ww1.bettersalud.info/js/parking.2.104.1.js IP 199.59.243.223 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:26:26 Last Seen2023-04-19 18:19:24 Times Seen3503 Hash 9043a4bbd1e344df0adda5ffa46f7577 19a196a4b3ad633ad8b292bccf9d9d4afda9348a 2e74eb2b5a15b5b0a117ae97cdf08ae768f0886ebc2b58c1596a6ced8095a8f4 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-04-12	2023-04-20
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-12 18:01:04 Last Seen2023-04-20 15:58:52 Times Seen814 Hash 429706f9511216323354fe5fb500214f e1b5e1f1d007743bfdce15a9266695f80c677828 679f8e197066001eb2d3a857397eaf55219ff3fe73dac59cc6a28770302339d0 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=ww1.bettersalud.info&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie	372 B	2023-04-18	2023-04-18
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=ww1.bettersalud.info&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 00:07:38 Last Seen2023-04-18 00:07:38 Times Seen2 Hash ab50a01356c8f8c4aaeb2d74037dc078 127f0cdbc0cbee39cbfbff8c1b6d2c3eb3a0fc9f ef93c1c37e89ccc9440a5556fb8236e9fcccea11281189fc8d8712de2c30c9a8 Loading...

	www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264	6.3 kB	2023-04-18	2023-04-18
Pretty URL www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 00:07:38 Last Seen2023-04-18 00:07:38 Times Seen1 Hash 90a90efa5c5b145f1fd9ae263d142db5 69c015c72afbfd5b7b67e0c5d965d8bffb7fb751 80f1f19429360d755571f509eb0e0f166626a282dbefd660fc8866f4b609b015 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-04-13	2023-04-20
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-13 00:44:12 Last Seen2023-04-20 15:58:52 Times Seen81 Hash 3e2b2f5c62ab427a379942ed1345fe66 881b426d509c409df2526c2c014faecab6e9d8d4 1ad93bc3e1d46eaed48159182ddf9f945e2467c16f754deff21e8c75707f1ad6 Loading...

HTTP Transactions (28)

URL IP Response Size

ww38.mail.bettersalud.info/

199.115.115.102

302 Found

11 B

URL User Request GET HTTP/1.1
ww38.mail.bettersalud.info/
IP
199.115.115.102:80
ASN
#30633 LEASEWEB-USA-WDC

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: ww38.mail.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 17 Apr 2023 22:07:23 GMT
location: http://ww1.bettersalud.info
server: nginx
set-cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4; path=/; domain=.bettersalud.info; expires=Sun, 06 May 2091 01:21:31 GMT; max-age=2147483647; HttpOnly

ww1.bettersalud.info/

199.59.243.223

200 OK

675 B

URL User Request GET HTTP/1.1
ww1.bettersalud.info/
IP
199.59.243.223:80
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (863), with no line terminators
Size
675 B (675 bytes)
Hash
8a0a8a06bf251753c5afb02a7aa99aa1
f01f61cded4e6556b8a65834b45e997f6f186315
98931f1ace0f8fe1082c631ee12647af92675109b480977affe9e2637756d2af

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: ww1.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 17 Apr 2023 22:07:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756; expires=Mon, 17-Apr-2023 22:22:24 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_A0dEWmWLVl8bvaylL/hgwp1+et/ziKITOckfkFCPtrvxGI8P6/b69PaLSGvoaiXg0WNCVThVmHHsCzj5DN71Cw==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

ww1.bettersalud.info/js/parking.2.104.1.js

199.59.243.223

200 OK

22 kB

URL GET HTTP/1.1
ww1.bettersalud.info/js/parking.2.104.1.js
IP
199.59.243.223:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.bettersalud.info/

File type
HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (22192 bytes)
Hash
c90bb88c05245a2d88ccf715f68f07fb
01d44c146ec4877eac9ceac21d18fd48388bdcdc
c6fba917f12371964e2826d512a6d7572f9a62dc530cd58a3a17a2b96dd96d07

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/parking.2.104.1.js HTTP/1.1
Host: ww1.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4; parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 17 Apr 2023 22:07:24 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 29 Mar 2023 20:49:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

ww1.bettersalud.info/_fd

199.59.243.223

200 OK

2.6 kB

URL POST HTTP/1.1
ww1.bettersalud.info/_fd
IP
199.59.243.223:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.bettersalud.info/

File type
ASCII text, with very long lines (4905), with no line terminators
Size
2.6 kB (2617 bytes)
Hash
ea2452db89fdde8ab8e6c2248ac44132
42c33197c7f863e7123b7b30aa70c49f16568801
f656e818fd6404989ae3e26552b81ae4b225e9a53e0d3687f244e726afa5823f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /_fd HTTP/1.1
Host: ww1.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.bettersalud.info/
Content-Type: application/json
Origin: http://ww1.bettersalud.info
Connection: keep-alive
Cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4; parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 17 Apr 2023 22:07:24 GMT
X-Version: 2.104.1
Set-Cookie: parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756; expires=Mon, 17-Apr-2023 22:22:24 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

ww1.bettersalud.info/px.gif?ch=1&rn=9.462490038504

199.59.243.223

200 OK

42 B

URL GET HTTP/1.1
ww1.bettersalud.info/px.gif?ch=1&rn=9.462490038504
IP
199.59.243.223:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.bettersalud.info/

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /px.gif?ch=1&rn=9.462490038504 HTTP/1.1
Host: ww1.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4; parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 17 Apr 2023 22:07:24 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes

ww1.bettersalud.info/px.gif?ch=2&rn=9.462490038504

199.59.243.223

200 OK

42 B

URL GET HTTP/1.1
ww1.bettersalud.info/px.gif?ch=2&rn=9.462490038504
IP
199.59.243.223:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.bettersalud.info/

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /px.gif?ch=2&rn=9.462490038504 HTTP/1.1
Host: ww1.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4; parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 17 Apr 2023 22:07:24 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b105900cb9f9b7c132fc24081551f8dc
02ce5e83ca84d5180b85993af662054f2bfcb3e9
82dbfc7dd1b3d02c82b205f018b248807162f8f709907e8b788b12133e468382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ww1.bettersalud.info/favicon.ico

199.59.243.223

200 OK

0 B

URL GET HTTP/1.1
ww1.bettersalud.info/favicon.ico
IP
199.59.243.223:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.bettersalud.info/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ww1.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4; parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 17 Apr 2023 22:07:24 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-141.ec2.internal
Accept-Ranges: bytes

www.google.com/adsense/domains/caf.js

142.250.74.132

200 OK

54 kB

URL GET HTTP/3
www.google.com/adsense/domains/caf.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT

File type
data
Size
54 kB (54439 bytes)
Hash
88cb5b3afe0a44b9817ea9622d49a5a6
847024577b86128f5c952fadfb90c87c8641c29b
1a1723c0f208f60830124fa567d26136c3411a4dc55ea1c5bd3e3a87b280c043

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 17 Apr 2023 22:07:24 GMT
expires: Mon, 17 Apr 2023 22:07:24 GMT
cache-control: private, max-age=3600
etag: "12919843540965609039"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eec2f11c2e107e124a8690cf9a42df7f
c0c25ab7db92e51882559e8428a9061eebae7144
2803666d6cb51e49f0bdf0f4ab0d544114ba332954888a151d9df52634a40dfa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=ww1.bettersalud.info&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie

216.58.207.194

200 OK

244 B

URL GET HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=ww1.bettersalud.info&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie
IP
216.58.207.194:443
ASN
#15169 GOOGLE

Requested by
http://ww1.bettersalud.info/
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint4B:CB:DB:D2:14:E4:F5:46:FA:69:7D:5D:7F:77:3E:7B:A4:87:E2:E7
ValidityTue, 28 Mar 2023 16:51:59 GMT - Tue, 20 Jun 2023 16:51:58 GMT

File type
ASCII text, with very long lines (372), with no line terminators
Size
244 B (244 bytes)
Hash
ac21e4e926a8a8efa850e4fb16107d63
b28ebb95e250866d83677e1f68f0061b08281db1
adac4398e1b49cf7cf9787df82b4ab7164d8da0b121c55767871483167246f16

HTTP Headers

GET /gampad/cookie.js?domain=ww1.bettersalud.info&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 17 Apr 2023 22:07:25 GMT
server: cafe
cache-control: private
content-length: 244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264

142.250.74.132

200 OK

2.1 kB

URL GET HTTP/3
www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
http://ww1.bettersalud.info/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5416)
Size
2.1 kB (2104 bytes)
Hash
40bcc6b47c4ae39105b54726a58e2990
cc0b7904c2c38602e943da10e28404c692634900
b22c83a41c2f45117eb0b2dd85ca169868d769d2a1ab08ffbc93103b54f1d4ee

HTTP Headers

GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Mon, 17 Apr 2023 22:07:25 GMT
expires: Mon, 17 Apr 2023 22:07:25 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Y2k9qKMnif9yvEHFf6b9Pw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2104
x-xss-protection: 0
set-cookie: CONSENT=PENDING+650; expires=Wed, 16-Apr-2025 22:07:25 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eec2f11c2e107e124a8690cf9a42df7f
c0c25ab7db92e51882559e8428a9061eebae7144
2803666d6cb51e49f0bdf0f4ab0d544114ba332954888a151d9df52634a40dfa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bb6db5e565d55f4f9fc6ca13dadbf107
9117820fc0d86b5277a9b5df7521797854fc90d8
bc5da0a10af0249ab05ec82ec173d2569354e5a09e5b48745fdd7c4ce9b830ac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bb6db5e565d55f4f9fc6ca13dadbf107
9117820fc0d86b5277a9b5df7521797854fc90d8
bc5da0a10af0249ab05ec82ec173d2569354e5a09e5b48745fdd7c4ce9b830ac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/adsense/domains/caf.js

142.250.74.132

200 OK

54 kB

URL GET HTTP/3
www.google.com/adsense/domains/caf.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT

File type
ASCII text, with very long lines (2193)
Size
54 kB (54150 bytes)
Hash
fc222591cc3fbce135e1dfbeffd14eb7
dcda5346306dab0082829d8444a84d2260e89d38
b494e84c220185ee217f5334e811dcdc71c96a9605cc0f15fdc518cd793e22da

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 17 Apr 2023 22:07:25 GMT
expires: Mon, 17 Apr 2023 22:07:25 GMT
cache-control: private, max-age=3600
etag: "5313095107005355673"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

142.250.74.97

200 OK

278 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Size
278 B (278 bytes)
Hash
bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 17 Apr 2023 17:55:24 GMT
expires: Tue, 18 Apr 2023 16:55:24 GMT
cache-control: public, max-age=82800
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 15121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d946ecd85a4e6cb0baef36c5f5f4828
52b475dbe3db533416db4c872d570da32071b20d
d7d0c1b6ac1561730aa74001ce93c6a4a89326698ee5a005845468bf06c465d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bb6db5e565d55f4f9fc6ca13dadbf107
9117820fc0d86b5277a9b5df7521797854fc90d8
bc5da0a10af0249ab05ec82ec173d2569354e5a09e5b48745fdd7c4ce9b830ac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d946ecd85a4e6cb0baef36c5f5f4828
52b475dbe3db533416db4c872d570da32071b20d
d7d0c1b6ac1561730aa74001ce93c6a4a89326698ee5a005845468bf06c465d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4862c45df9dee1fd8e7cdcfee5995fcc
9c1a79c2a7aad86e625896edd512948df0891e2c
29900d322073fcc6803f7db55a05ff291bb14a6aa80c4cec4cd6abc7616570e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Quicksand

142.250.74.106

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Quicksand
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://ww1.bettersalud.info/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:74:DC:A1:79:64:AB:97:A4:EA:AB:80:90:A6:E2:B9:D4:16:79:64
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT

File type
data
Size
14 kB (14296 bytes)
Hash
c47664964edf3826cf37ab36c69c044c
8160f2d09b40c503bcf662c5b01e89892bf7c736
bb5e882ca305f76d0cb66001e643aa5ac65e14cbf8e55a64e96babc9c6d7883f

HTTP Headers

GET /css?family=Quicksand HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 17 Apr 2023 22:07:25 GMT
date: Mon, 17 Apr 2023 22:07:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ww1.bettersalud.info/_tr

199.59.243.223

200 OK

22 B

URL POST HTTP/1.1
ww1.bettersalud.info/_tr
IP
199.59.243.223:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.bettersalud.info/

File type
ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
5cfde9b47de2d84bd26fc473632647c0
fd53c70631b6068328be57daec71bd94bf004d41
47fd05ef74fef5da03fa22483e63fc977cad8e026ae41dadbbcc3745907f306b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /_tr HTTP/1.1
Host: ww1.bettersalud.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.bettersalud.info/
Content-Type: application/json
Content-Length: 1601
Origin: http://ww1.bettersalud.info
Connection: keep-alive
Cookie: sid=3afc3bb8-dd6c-11ed-b188-20ed7fc03ab4; parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756; __gsas=ID=eb2923893a7ab89f:T=1681769245:S=ALNI_Ma2ECf_w3ZqGahtbiOnGruO-rWWaQ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 17 Apr 2023 22:07:25 GMT
X-Version: 2.104.1
Set-Cookie: parking_session=444915e1-475f-5c10-8d8c-b739b2ccf756; expires=Mon, 17-Apr-2023 22:22:25 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4862c45df9dee1fd8e7cdcfee5995fcc
9c1a79c2a7aad86e625896edd512948df0891e2c
29900d322073fcc6803f7db55a05ff291bb14a6aa80c4cec4cd6abc7616570e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 17 Apr 2023 22:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=68q9wfffsh86&aqid=HcM9ZOyRCcHwY_zdtrAF&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=523105112&csala=8%7C0%7C231%7C45%7C47&lle=0&ifv=1&usr=1

142.250.74.132

204 No Content

0 B

URL GET HTTP/3
www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=68q9wfffsh86&aqid=HcM9ZOyRCcHwY_zdtrAF&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=523105112&csala=8%7C0%7C231%7C45%7C47&lle=0&ifv=1&usr=1
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
http://ww1.bettersalud.info/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=68q9wfffsh86&aqid=HcM9ZOyRCcHwY_zdtrAF&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=523105112&csala=8%7C0%7C231%7C45%7C47&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-31wKBWeLBg84ndIaDzxLYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Mon, 17 Apr 2023 22:07:26 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=C5NlSFlxt8SEe-XPVuld45XlqicBk2vxbWrllNCO0AbdDa7CMPSSNCpQEu3m4Zy9fNuc8pF1S0TW1IrsRJSClDjijj_muA-WMJp80ADFAI8Nxz2Um5wXfuGtWuf-Rl_vLxuAD7X-eSF7zLJNHEOVEm90mjKr_tyDsEL-DVVfqi0; expires=Tue, 17-Oct-2023 22:07:26 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+875; expires=Wed, 16-Apr-2025 22:07:26 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=561qc4iu76or&aqid=HcM9ZOyRCcHwY_zdtrAF&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=523105112&csala=8%7C0%7C231%7C45%7C47&lle=0&ifv=1&usr=1

142.250.74.132

204 No Content

0 B

URL GET HTTP/3
www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=561qc4iu76or&aqid=HcM9ZOyRCcHwY_zdtrAF&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=523105112&csala=8%7C0%7C231%7C45%7C47&lle=0&ifv=1&usr=1
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
http://ww1.bettersalud.info/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=561qc4iu76or&aqid=HcM9ZOyRCcHwY_zdtrAF&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=523105112&csala=8%7C0%7C231%7C45%7C47&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.bettersalud.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-qEi1n9WUoFHlWrXaF81IZQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Mon, 17 Apr 2023 22:07:27 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=vwz8J2-_OUwCgT_-Udj1xqFcs3JuKtDL10GJEpMpCx-m2vkh_uuul2SNpGyY6XE5WlkineJEmeOpWdlQzsgcShXv2JLwSvuHJ71ULA7BaSgRySgQBNlaGCEayFyrp9CIZF7ie1yO_HUZHPLFP5qHxtD7f51hXO1lnXq5NuLjiKA; expires=Tue, 17-Oct-2023 22:07:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+661; expires=Wed, 16-Apr-2025 22:07:27 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

142.250.74.97

200 OK

200 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.bettersalud.info%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8701681769364612&num=0&output=afd_ads&domain_name=ww1.bettersalud.info&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681769364613&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1264&psh=79&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.bettersalud.info%2F&adbw=master-1%3A1264
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
200 B (200 bytes)
Hash
e81eb30a6c5589e7f39436e40b400822
ca2513ede010b3db00099335b809ca693c2cd65c
055ae1fef3be182534069c718e2dc0ab07d7464bcc3ded19553da07d37333657

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 17 Apr 2023 22:07:25 GMT
expires: Tue, 18 Apr 2023 21:07:25 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

142.250.74.3

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
http://ww1.bettersalud.info/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13888, version 1.0\012- data
Size
14 kB (13888 bytes)
Hash
099548fac114f5f6498c5c75b943581d
7505fcaf9f4fe36634352b322a9f5fed1256a9f6
e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05

HTTP Headers

GET /s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ww1.bettersalud.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Apr 2023 14:37:18 GMT
expires: Wed, 10 Apr 2024 14:37:18 GMT
cache-control: public, max-age=31536000
age: 545407
last-modified: Mon, 18 Jul 2022 19:12:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (28)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN