{"report_id":"02c21f6b-8e7f-418f-aa8a-0741b863b1e3","version":6,"status":"done","tags":[],"date":"2024-09-05T04:25:20Z","url":{"schema":"http","addr":"ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":0,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"title":"vofycot.com - Dette nettstedet er til salgs! - vofycot Ressurser og informasjon"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T22:32:21Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ww16.vofycot.com","ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2011-09-20","domain_rank":0,"first_seen":"2023-11-01 22:38:13","last_seen":"2024-04-18 05:33:25","alert_count":2,"request_count":2,"received_data":26296,"sent_data":1383,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":0,"first_seen":"2023-09-25 11:30:59","last_seen":"2024-09-04 22:28:53","alert_count":0,"request_count":6,"received_data":162151,"sent_data":4471,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":12123,"first_seen":"2013-05-06 21:11:00","last_seen":"2024-09-04 21:48:41","alert_count":0,"request_count":2,"received_data":2085,"sent_data":977,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-04 18:12:09","alert_count":0,"request_count":3,"received_data":2661,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-04 18:12:06","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.sedoparking.com","ip":{"addr":"205.234.175.175","port":443,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"domain_registered":"2001-09-18","domain_rank":54200,"first_seen":"2013-04-23 00:23:29","last_seen":"2024-09-04 19:03:41","alert_count":0,"request_count":2,"received_data":18568,"sent_data":904,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-09-04 18:12:03","alert_count":0,"request_count":7,"received_data":4899,"sent_data":2275,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2024-09-03 18:22:12","alert_count":0,"request_count":1,"received_data":56614,"sent_data":456,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-04","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-04","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=4449419535\u0026channel=exp-0046%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3MjU1MTAyOTQmdGNpZD13dzE2LnZvZnljb3QuY29tNjZkOTMyOTY5YzMyNTEuODc4NDQ1MTgmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPUc1Z3gySVFpRmQyZHlwV1N4LVdx\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266\u0026format=r3%7Cs\u0026nocache=5141725510295225\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1725510295239\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=1479\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=667606770\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20240905-1419-507b-a130-7445afcf7de5","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"02d1cea57efd781614a066d9f1820864","sha1":"caa16f6b4ca777994994c62826bef17b09993962","sha256":"ac7f7936f833e676a0f0266fc00e9322aa9f0d7affcf75eb385e51eb82c09874","sha512":"eff0e15e8969427cc20e0cebc495489deb5845b696c7d818d2dfc77b7aceb85008ca8f4a151a1d967d5e1839aa18f6516a2a00a0043155610543576ef7b2571d","ssdeep":"","tlshash":"32116f831c688360c86721121c5b3f935cbc183122d72288f31d99ca20bcfef6b182bb","size":885,"data":"","first_seen":"2024-09-19T22:32:24.328365Z","last_seen":"2024-09-19T22:32:24.328365Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d20019926893df545dd72d0cac61cb7","sha1":"51f1535cb24ea8b489d1bc4c2156a5e4ea0e4513","sha256":"777a7a4535c637ced6b7467bc55f42dd936506a32d787c678133d22c7193bdef","sha512":"2913270910bd259bb1667a2167d394aa447a955dfb34d16bbc6122174a806cd8fdd78fff9b4d79b818d00686abe88a4b5a58fc88af4b86cdc082290bd2ada397","ssdeep":"1536:LX/xbg4DuPemooPy7WnHPh4a2EwG19OxHRdjhJBjDSc4Y52kovgwlZXqjzsZ1Dsb:w59cjhJB7wkeesZtpmqc+VHu","tlshash":"5fe35c9d73a5703253a394b4603f528fb23af965e80849b4b098c8e47cb5da84277f7d","size":153711,"data":"","first_seen":"2024-08-28T20:12:34Z","last_seen":"2024-09-20T20:15:49.04462Z","times_seen":906,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3519ae3ff6e4dbf01f12c243e5cbb861","sha1":"6e3228c9ad51a86a38cbcdd34b7ffd18dca31489","sha256":"967121782ec2bdc3255a1c852070d5095ca3cb0a12d9843e2045349c4b8bcbf0","sha512":"c5edb48d30b762d6a106d65f42632004a0ee30241f65df46b8820c3f30db8af59767507dde53c7d61fa4431c4c7bcbbdbc0f1fe369ae93a663989acb68662f1a","ssdeep":"96:rPtNUiE1XzxdLvoN46mawAN46mNUx6h6nFKVGWx6h6nFKkVcLzy/g4Jl0UOs:rPYisXDLvooCoax6h6nF+x6h6nF03+gM","tlshash":"c681f9088dc50beb822448c8f141bc42077d21a3694861edf6668c9f1bfffde11b525b","size":4110,"data":"","first_seen":"2024-09-19T22:32:24.331596Z","last_seen":"2024-09-19T22:32:24.331596Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d60075ca9fc1ccbd9fe84f2410194ad","sha1":"2a4abb2f89ef7f55b39161e7490bf9b535aa6eac","sha256":"8aa97280550e6fbd132775e60031fd3a87ab0765a2a8860b0c2456836f45a76c","sha512":"45c5f3e38f9aaec66ef9f1c7975342d345706fae7754126887188ff6fe5f3971cbaddd5a1eadf371a7afd5cfaeab267d2525d9129fe96b34cf0ecc24330a16ff","ssdeep":"1536:bX/xbg4DuPemooPy7WnHPh4a2EwG19OxHRdjhJBjDSc4Y52kovgwlZXqjzsZ1Dsb:g59cjhJB7wkeesZtpmqc+VHu","tlshash":"13e35c9d73a5703253a394b4603f528fb23af965e80849b4b098c8e47cb5d984277f7d","size":153704,"data":"","first_seen":"2024-08-28T20:12:34Z","last_seen":"2024-09-20T20:16:23.692799Z","times_seen":522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ee03b1bb0fd41ea4bbc3b190a939b00","sha1":"6abdd8f03db1c2e57d9e9cda9a599674dd12230c","sha256":"ecc7b6d0b7e8c98e5fe25d85aecabcd5816a8b45d5e96fbfa3b455ad966c47ee","sha512":"6d2753ad2d4a52f7201f40790cfb8b97814857330fef84a68443640e62411e6c8610462a3d414609fe477f285a81b2b9d9d0abb268650c73b62a038ae5860267","ssdeep":"","tlshash":"21f002b135b10346c632eb67f2db01517d5dc013c040f56371be90100fc89161aa0b96","size":622,"data":"","first_seen":"2023-05-02T12:53:07Z","last_seen":"2025-01-29T07:05:45.698299Z","times_seen":1752,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"978e89b89f929ebbd0a746295eafbcbe","sha1":"6b92ab60432c1e5a8aebc60ebc94f1f24c28cea6","sha256":"848eaac812a5c6ef9f75fc33f2bfbb7169bfea60bc4d4a28a7e77d1737ca42ac","sha512":"c7b6c342a6cc4121c889e38dc07ec85f7b3b1ff7811c0babb5f5abaf39a984424751eb1a7ff400e9bd45f0d49e96be85ff30023dfe9de0b3c0463e1d136e42d1","ssdeep":"96:zQIHrUsXy9Cp1OuKfIqT1M6BXXjgXnB9qPsBJaqJ4uSnx73CUnKVGSrbH:jrUs2nDxQqPJTuIRIESrbH","tlshash":"26c194723145347a4aff0751206f1f14b67ae8533a08b419b028b7e82bebd5744dbb6a","size":5888,"data":"","first_seen":"2024-05-23T11:11:38Z","last_seen":"2026-03-23T00:52:59.161451Z","times_seen":188504,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads/i/iframe.html","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"33839cb72649c81ab58b763c95b4a163","sha1":"0c9b62881e660fded013cee58439ae287690065a","sha256":"cdded269406c9b2b49a3066d12e75913abf338cdd7fa00e31fff299efef1cb76","sha512":"c72011d6bc068615b6a9e4f659c5aeb6c04a889bd4163e4a351d7659c48e715a94002e35637c3e1cb6a9b269271fb43d6b77495000ab1143ee401e2bb68b7357","ssdeep":"","tlshash":"2e218b6e4c50822f6eb63e9e296fba04fb235421e049e1d0c54cf865397df93892d9f4","size":1302,"data":"","first_seen":"2023-04-05T04:36:39Z","last_seen":"2025-03-02T05:25:03.460086Z","times_seen":67768,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:53.970411765Z","timestamp":1725510293970,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"ED538EA400323F4C987F91C0B0AFC79A8526B62F7AA317DD62BD107CB37850A2\"\r\nLast-Modified: Tue, 03 Sep 2024 09:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4932\r\nExpires: Thu, 05 Sep 2024 05:47:05 GMT\r\nDate: Thu, 05 Sep 2024 04:24:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"8d2e6150f7d0845dc26f5bd5cd6f28dd","sha1":"6aad5091620585a5f76065c1888456ee70b88257","sha256":"ed538ea400323f4c987f91c0b0afc79a8526b62f7aa317dd62bd107cb37850a2","sha512":"dd2b8ba0eb764244c92b404bd053d75174a13127c61027fff0a538fa2d3375f480ee774bb73c01010e728b0f9ad66bc3dc9c6a1357e24ef34d10fb84b89bc9a1","ssdeep":"","tlshash":"31f0c0ba27ad7511adf1612025b4e83c2b546cfb74405aa874949041ed10ff8298241c","first_seen":"2024-09-03T15:32:51Z","last_seen":"2024-09-19T22:57:09.758778Z","times_seen":28107,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:54.000904337Z","timestamp":1725510294000,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"41C00088AFC20571F6A0C6998324D9517346256AC33696DC706192EC606FE7A7\"\r\nLast-Modified: Mon, 02 Sep 2024 12:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3626\r\nExpires: Thu, 05 Sep 2024 05:25:19 GMT\r\nDate: Thu, 05 Sep 2024 04:24:53 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"66fbf7f95cb55f388373a20d4b1a736e","sha1":"afc34259758a563362367848629ff7639982e1fb","sha256":"41c00088afc20571f6a0c6998324d9517346256ac33696dc706192ec606fe7a7","sha512":"80f0c1a3f29e795722e05ea6260e1ec92780f3f554ace63e7a0e4ad5d030be18b0cde8397bffc652a92306b23ba802aa8a0db463bac3a6827e645816bd5759a0","ssdeep":"","tlshash":"02f00e7956f2e6c3faf8112314a6ed606c227aab780021a279800ac239c67f6678545c","first_seen":"2024-09-02T19:20:57Z","last_seen":"2024-09-19T23:09:36.632755Z","times_seen":35846,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:54.292002381Z","timestamp":1725510294292,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"62ED97A3678824305419366056FD0BEE73359522822CA42A16FABDCC3AD982BE\"\r\nLast-Modified: Mon, 02 Sep 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3550\r\nExpires: Thu, 05 Sep 2024 05:24:04 GMT\r\nDate: Thu, 05 Sep 2024 04:24:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3b182d2525d361002ced8590b8a9ce07","sha1":"12cd4e482375e47fdc8cde29fe98a6e3498260df","sha256":"62ed97a3678824305419366056fd0bee73359522822ca42a16fabdcc3ad982be","sha512":"a9af0e3420d2ef7b1e515e4014c080aa80aca75d801f852b484ac418bafb12eda0ff0e4d2ae943bc5fab828c296a2ec8ec22c6b66222a285f3dd6a5c7fe82cfd","ssdeep":"","tlshash":"4bf005b9a5b5ba148aed1c4468f5c51d9b107efd3cc111c3acc5c1b52e5575c019410d","first_seen":"2024-09-02T21:43:18Z","last_seen":"2024-09-19T23:06:53.189609Z","times_seen":16139,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:54.36114021Z","timestamp":1725510294361,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C\"\r\nLast-Modified: Mon, 02 Sep 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13616\r\nExpires: Thu, 05 Sep 2024 08:11:50 GMT\r\nDate: Thu, 05 Sep 2024 04:24:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cabaaa7c3e6a621cc5836be05eee4924","sha1":"c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8","sha256":"2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c","sha512":"7da36317a8c4f485281c503bcc03813f77f4339dd43124bdba3345414625f7dbb71911cd5eb19e1d4afb482b9ce0ffb5678bd41d4d5e6e77f56069bd2f99817d","ssdeep":"","tlshash":"a0f00efb12f33260dbf59d293989f23a0610ad9ebc2198e624c5d1cb9442fec408890c","first_seen":"2024-09-02T19:36:30Z","last_seen":"2024-09-19T23:09:22.854855Z","times_seen":22244,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.sedoparking.com/templates/bg/multi-arrows.png","fqdn":"img.sedoparking.com","domain":"sedoparking.com","tld":"com"},"ip":{"addr":"205.234.175.175","port":443,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:54.946Z","timestamp":1725510294946,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cachefly.net","organization":"Cachenetworks, LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 13 Nov 2023 19:46:02 GMT","end":"Sat, 14 Dec 2024 19:46:01 GMT"},"fingerprint":{"sha1":"0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71","sha256":"B4:3D:3A:B6:67:6B:37:A7:E4:37:72:9C:D8:78:19:54:42:D6:E2:12:1F:92:06:04:F9:E5:21:A9:9D:0F:F1:88"}}},"request":{"raw":"GET /templates/bg/multi-arrows.png HTTP/1.1\r\nHost: img.sedoparking.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 05 Sep 2024 04:24:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 2531\r\naccess-control-allow-origin: *\r\nx-cff: B\r\nlast-modified: Mon, 19 Dec 2022 10:23:48 GMT\r\nx-cf3: H\r\ncf4age: 83049\r\nx-cf-tsc: 1711123655\r\ncf4ttl: 31452950.000\r\nx-cf2: H\r\nserver: CFS 1124\r\nx-cf-reqid: 1c5d928ee61931bf04a63312191e02a0\r\nx-cf1: 11696:fD.arn1:nom:cacheN.arn1-01:H\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2531,"size_decoded":2531,"mime_type":"image/png","magic":"PNG image data, 150 x 699, 8-bit colormap, non-interlaced","md5":"53f75042704429bbc0e7b7f6e85bcb1d","sha1":"f5f38bd2b62556831782ee4c28456c33323926ce","sha256":"bdb38096f60e6d8afd62265287852a6c82a818ec048e0288a88f2b96b4b8f475","sha512":"11df32197ab23677a64bf5d872f35664a895c2cdd73039fbcc2725252ee3ac8116f98d9086de567046c7fa14e8a7033135c5e22ad1ba3fd7147c3a95a302c13e","ssdeep":"","tlshash":"9c51c7d96e5d15e4caedba312a633ab45d5f28440392f0b2aef18c560c34645823ed67","first_seen":"2023-04-25T19:56:26Z","last_seen":"2026-05-10T13:05:59.858438Z","times_seen":9527,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":39,"dns":0,"connect":8,"send":0,"wait":8,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:55.101408652Z","timestamp":1725510295101,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 05 Sep 2024 04:24:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"d6875ab4d1f40fdd82800bb2916ffdaa","sha1":"08e6c7376a94fff8a2f866e618ccf0e3c77ec95f","sha256":"93239f8b1fa17d7455695a59fb32d1b65245bd4977a603f51bd99081d9875068","sha512":"ecb26dea87a1ec58ae42c6069f43bb9bb39a8a0050e5d014803d745c09b46322a573b1ba31087e4d1110f80c85b6d768ccbde1a6aa6c3845f0bff31501949c9c","ssdeep":"","tlshash":"39f0d4b152f96d125e63281596ddf3747431688994580cc570328bcd3b97bb54d08355","first_seen":"2024-09-04T18:03:30Z","last_seen":"2024-09-19T22:40:59.429122Z","times_seen":1161,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.132","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:54.944Z","timestamp":1725510294944,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:19:58 GMT","end":"Mon, 28 Oct 2024 07:19:57 GMT"},"fingerprint":{"sha1":"E5:F5:76:67:A7:F7:FE:5F:BF:24:ED:E2:9A:3C:07:64:0E:70:74:AA","sha256":"76:5A:1E:F3:AF:91:CF:4A:30:E8:5C:93:C2:E7:83:B6:66:9C:E9:94:56:7F:FB:8E:54:8F:71:05:27:CF:4F:2B"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Thu, 05 Sep 2024 04:24:55 GMT\r\nexpires: Thu, 05 Sep 2024 04:24:55 GMT\r\ncache-control: private, max-age=3600\r\netag: \"5000624163598899228\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55773,"size_decoded":55773,"mime_type":"text/javascript; charset=UTF-8","magic":"gzip compressed data, max compression","md5":"86ee868d6edc48ae341ce103240fff1c","sha1":"5c3678dec1bdc9aa6e777a7ca3442c350f483156","sha256":"4905ab3b3789139410497b9faad96a2cf4e184b23163edb37e608dea11587a8b","sha512":"94a7f9b1a57bc8c17c4feaa656d17c9bc8cc997db3402bf22274fdf78f3fbed8ab0c534ab365cef047c26331d2693ebf375f5a36b9d621486f03d6a034a6ee92","ssdeep":"1536:PDymkxzOb4f/Dxshc62zgHn/4JTNCEnjFWUO4soS1jYYtO:6z5yc6+gHn/4JJzjsUssIO","tlshash":"9d43029212e4aa1e84ddc4228b6659d23c0fcf66a4cb7946fa1d57d21c243ce10bb9e7","first_seen":"2024-09-04T21:46:41Z","last_seen":"2024-09-19T22:38:15.0659Z","times_seen":17,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":156,"dns":1,"connect":23,"send":0,"wait":34,"receive":0,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/search/tsc.php?ses=ogcdssBp-aBUPGVZ7yECHjc_1X41EM-HbvXdooSCpkziYsLcTPfcbm5D_ITnrzsXoY3gwcKt1NDtuEsk0WHu4sZqwcbGZbDFsyWaXhY27u86QQImAAD21nImIdEEskrrfKOIt_YekBcsoyxKsHXBerEatqUWqvdRNeoLQC4t0j8NgzVEHbPdBisXuTAXnvuhHHjZohXOpriwkDgETK2gwTYOSAvVqNWiOI0I7PJS4JuBdW86X7yxWmBkMSV7ROPn44xinL23yMyVJcRvUCKeU9Xw2Im8drHOeFj3sxEa9PZRYdFHSxsgsk4NemREx0Q6zewBSTNr6drTf91KWC1d0YwA1zG9GvlqK0k-Yh6jeaYyZzqC6falZ7vyS4JSg\u0026cv=2","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:55.257Z","timestamp":1725510295257,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww16.vofycot.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Thu, 02 Nov 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"77:E9:D4:A2:BA:16:65:DB:42:BE:75:37:14:8C:76:AC:69:F6:79:69","sha256":"35:FC:2C:4E:46:BE:81:6A:DF:9F:FD:53:6B:0C:DA:1C:B9:F1:BF:8B:45:09:D0:DE:8A:54:86:04:AF:F1:84:43"}}},"request":{"raw":"GET /search/tsc.php?ses=ogcdssBp-aBUPGVZ7yECHjc_1X41EM-HbvXdooSCpkziYsLcTPfcbm5D_ITnrzsXoY3gwcKt1NDtuEsk0WHu4sZqwcbGZbDFsyWaXhY27u86QQImAAD21nImIdEEskrrfKOIt_YekBcsoyxKsHXBerEatqUWqvdRNeoLQC4t0j8NgzVEHbPdBisXuTAXnvuhHHjZohXOpriwkDgETK2gwTYOSAvVqNWiOI0I7PJS4JuBdW86X7yxWmBkMSV7ROPn44xinL23yMyVJcRvUCKeU9Xw2Im8drHOeFj3sxEa9PZRYdFHSxsgsk4NemREx0Q6zewBSTNr6drTf91KWC1d0YwA1zG9GvlqK0k-Yh6jeaYyZzqC6falZ7vyS4JSg\u0026cv=2 HTTP/1.1\r\nHost: ww16.vofycot.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 05 Sep 2024 04:24:55 GMT\r\nserver: Parking/1.0\r\nx-cache-miss-from: parking-fb7ffd9b7-4t4x4\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T00:28:25.325726Z","times_seen":14980871,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-04","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.sedoparking.com/templates/logos/sedo_logo.png","fqdn":"img.sedoparking.com","domain":"sedoparking.com","tld":"com"},"ip":{"addr":"205.234.175.175","port":443,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:55.305Z","timestamp":1725510295305,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cachefly.net","organization":"Cachenetworks, LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 13 Nov 2023 19:46:02 GMT","end":"Sat, 14 Dec 2024 19:46:01 GMT"},"fingerprint":{"sha1":"0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71","sha256":"B4:3D:3A:B6:67:6B:37:A7:E4:37:72:9C:D8:78:19:54:42:D6:E2:12:1F:92:06:04:F9:E5:21:A9:9D:0F:F1:88"}}},"request":{"raw":"GET /templates/logos/sedo_logo.png HTTP/1.1\r\nHost: img.sedoparking.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 05 Sep 2024 04:24:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 15086\r\naccess-control-allow-origin: *\r\ncache-control: max-age=604800\r\nexpires: Thu, 12 Sep 2024 04:24:55 GMT\r\nx-cfhash: \"def00c11b1596db4efee6a9fbe64fc27\"\r\nx-cff: B\r\nlast-modified: Mon, 11 Jan 2021 07:44:34 GMT\r\nx-cf3: H\r\ncf4age: 21299\r\nx-cf-tsc: 1711144658\r\ncf4ttl: 31514700.000\r\nx-cf2: H\r\nserver: CFS 1124\r\nx-cf-reqid: 4fabbb66df75929f83ffd2b8b4ae35de\r\nx-cf1: 11696:fD.arn1:cf:nom:cacheN.arn1-01:H\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15086,"size_decoded":15086,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"def00c11b1596db4efee6a9fbe64fc27","sha1":"bd298981e6d8d7e4ffa18abcf687041f4246672d","sha256":"95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4","sha512":"c056e95dbfa1aab3a50dff18c6d577dbffea72c93316ffc53b6b7aa41dcc7707a810d563894589a7305de0b76610f88150b2034670de368773b2b356f14ad30f","ssdeep":"192:jiHSINqv0tJ30DezSfPAXTZwC3D2N2xp1Fd/ar/+zi3LHZNwkQH0iWpXDt3TN8rB:jzAnP9j","tlshash":"31623e0bfd4bc358ce50b23ae67c4bfb6361d8c1b090a7e257d9d51aafa7b014c9a011","first_seen":"2023-04-14T07:11:21Z","last_seen":"2026-05-11T00:27:33.502837Z","times_seen":229746,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:55.336839618Z","timestamp":1725510295336,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 05 Sep 2024 04:24:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"1ac1d5b146c70db6ae03ff6462c6f44d","sha1":"259beab043004a9c549375a59c6e15e5d06b64b2","sha256":"937adb716430d12600166e69ec70e202be5f7ab83319452de4e9a94af2aaedb9","sha512":"ebf8f29cfbd84e5cb285af39576b613276eceef2818ffca8e7b5544e780e248f52a730708550144ab9e29ffaeeb24f29a564c980c9cd480e3a2fafb9e6db30cf","ssdeep":"","tlshash":"2df0549a63f87b48dc325d1871f8f5b6145008581809340c203a03d5378f78e0e1873c","first_seen":"2024-09-04T18:30:05Z","last_seen":"2024-09-19T22:40:37.463479Z","times_seen":491,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:55.337959861Z","timestamp":1725510295337,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 05 Sep 2024 04:24:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"1ac1d5b146c70db6ae03ff6462c6f44d","sha1":"259beab043004a9c549375a59c6e15e5d06b64b2","sha256":"937adb716430d12600166e69ec70e202be5f7ab83319452de4e9a94af2aaedb9","sha512":"ebf8f29cfbd84e5cb285af39576b613276eceef2818ffca8e7b5544e780e248f52a730708550144ab9e29ffaeeb24f29a564c980c9cd480e3a2fafb9e6db30cf","ssdeep":"","tlshash":"2df0549a63f87b48dc325d1871f8f5b6145008581809340c203a03d5378f78e0e1873c","first_seen":"2024-09-04T18:30:05Z","last_seen":"2024-09-19T22:40:37.463479Z","times_seen":491,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads/i/iframe.html","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:55.242Z","timestamp":1725510295242,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:28:52 GMT","end":"Mon, 28 Oct 2024 07:28:51 GMT"},"fingerprint":{"sha1":"DE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52","sha256":"44:AF:5D:6A:79:40:9A:8C:26:82:91:EF:65:CE:6A:06:1A:40:54:7B:B1:31:6A:F4:83:CD:20:9B:31:C8:5C:28"}}},"request":{"raw":"GET /afs/ads/i/iframe.html HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/html\r\ncontent-security-policy: script-src 'nonce-_MIda8a43AqQMDAzZyQZzQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ncontent-length: 729\r\ndate: Thu, 05 Sep 2024 04:24:55 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, must-revalidate\r\nlast-modified: Tue, 12 Mar 2024 06:00:00 GMT\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":729,"size_decoded":1560,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1559)","md5":"da2960c0e30939c9476210d06c16063b","sha1":"f630cdfb1d4477561b1fdddbf8dec3ccb9d882a3","sha256":"be3d3dd5b840e7eddde5da96310672cfa5a0badd6508b2641f06efd9782ad560","sha512":"00871ed0496157cd9b646aed9d68e77da251f90ffd50fb919ef355aac43e0981d4fc7095c3f5efb2df8505453c27dbe293bfde0f6628ae76606cd5f3dfaddf74","ssdeep":"","tlshash":"bd31b1af4c94812e2e723d9d2d9bb604fa139424e445e5d0c58cf46939b9fc3882a9f4","first_seen":"2024-09-19T22:32:24.320339Z","last_seen":"2024-09-19T22:32:24.320339Z","times_seen":1,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":99,"dns":0,"connect":21,"send":0,"wait":16,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=4449419535\u0026channel=exp-0046%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3MjU1MTAyOTQmdGNpZD13dzE2LnZvZnljb3QuY29tNjZkOTMyOTY5YzMyNTEuODc4NDQ1MTgmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPUc1Z3gySVFpRmQyZHlwV1N4LVdx\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266\u0026format=r3%7Cs\u0026nocache=5141725510295225\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1725510295239\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=1479\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=667606770\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20240905-1419-507b-a130-7445afcf7de5","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:55.253Z","timestamp":1725510295253,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:28:52 GMT","end":"Mon, 28 Oct 2024 07:28:51 GMT"},"fingerprint":{"sha1":"DE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52","sha256":"44:AF:5D:6A:79:40:9A:8C:26:82:91:EF:65:CE:6A:06:1A:40:54:7B:B1:31:6A:F4:83:CD:20:9B:31:C8:5C:28"}}},"request":{"raw":"GET /afs/ads?adsafe=low\u0026adtest=off\u0026psid=4449419535\u0026channel=exp-0046%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3MjU1MTAyOTQmdGNpZD13dzE2LnZvZnljb3QuY29tNjZkOTMyOTY5YzMyNTEuODc4NDQ1MTgmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPUc1Z3gySVFpRmQyZHlwV1N4LVdx\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266\u0026format=r3%7Cs\u0026nocache=5141725510295225\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1725510295239\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=1479\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=667606770\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20240905-1419-507b-a130-7445afcf7de5 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Thu, 05 Sep 2024 04:24:55 GMT\r\nexpires: Thu, 05 Sep 2024 04:24:55 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-7P7wlLyoDzfWAa0lt-RzGg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 3072\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3072,"size_decoded":14610,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13779)","md5":"b2c6373042faad551565e65a3bd9494c","sha1":"b3e945f496db5271d3fc020180c7c40bfb667473","sha256":"18697d9a2a48df9b09faee892ce8eaa1cf489bb475cb1f6941df0b1163cdd29a","sha512":"6495f66012e54270c898c794f7bc22b3277d18287751cd514b1e2b3d4edd200f127f716603d0a8fa771780f2d122488922e9b9e40c28f08f9c200b3045760fa1","ssdeep":"192:GE12iMpgnx0BBhKVgWruoH6oEzoa906+zMkDi:Gni0VKq19906hkDi","tlshash":"4862653764a1271d49039c541b166f6ed191d43ac4ab31f848e31f26c7ebf828fe628d","first_seen":"2024-09-19T22:32:24.321867Z","last_seen":"2024-09-19T22:32:24.321867Z","times_seen":1,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":87,"dns":8,"connect":8,"send":0,"wait":81,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:55.428523074Z","timestamp":1725510295428,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 05 Sep 2024 04:24:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"1ac1d5b146c70db6ae03ff6462c6f44d","sha1":"259beab043004a9c549375a59c6e15e5d06b64b2","sha256":"937adb716430d12600166e69ec70e202be5f7ab83319452de4e9a94af2aaedb9","sha512":"ebf8f29cfbd84e5cb285af39576b613276eceef2818ffca8e7b5544e780e248f52a730708550144ab9e29ffaeeb24f29a564c980c9cd480e3a2fafb9e6db30cf","ssdeep":"","tlshash":"2df0549a63f87b48dc325d1871f8f5b6145008581809340c203a03d5378f78e0e1873c","first_seen":"2024-09-04T18:30:05Z","last_seen":"2024-09-19T22:40:37.463479Z","times_seen":491,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:55.725225598Z","timestamp":1725510295725,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 05 Sep 2024 04:24:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"07b513c36c651c31e209c138dc2e2df4","sha1":"ad48d12abf234e45aabb676048f3f95f9439ff92","sha256":"552ce487b838e981ca1e2cbccaf0da79dc8525776fb1cea4a64d29c47af6696a","sha512":"f7af54461176717a931e639cc5b6ef07e72f5d5e0620379835c81095852c9c80401d74b975cfb89ed814d323593fcee73aa70bbd899927b987020365b20579fe","ssdeep":"","tlshash":"c2f0d4a963f0794eb815172412dceaf51d310a041db83a05267e98c757586fd050ce7e","first_seen":"2024-09-04T18:06:59Z","last_seen":"2024-09-19T22:40:53.184891Z","times_seen":738,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:55.73677966Z","timestamp":1725510295736,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 05 Sep 2024 04:24:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"07b513c36c651c31e209c138dc2e2df4","sha1":"ad48d12abf234e45aabb676048f3f95f9439ff92","sha256":"552ce487b838e981ca1e2cbccaf0da79dc8525776fb1cea4a64d29c47af6696a","sha512":"f7af54461176717a931e639cc5b6ef07e72f5d5e0620379835c81095852c9c80401d74b975cfb89ed814d323593fcee73aa70bbd899927b987020365b20579fe","ssdeep":"","tlshash":"c2f0d4a963f0794eb815172412dceaf51d310a041db83a05267e98c757586fd050ce7e","first_seen":"2024-09-04T18:06:59Z","last_seen":"2024-09-19T22:40:53.184891Z","times_seen":738,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23000000","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=4449419535\u0026channel=exp-0046%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3MjU1MTAyOTQmdGNpZD13dzE2LnZvZnljb3QuY29tNjZkOTMyOTY5YzMyNTEuODc4NDQ1MTgmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPUc1Z3gySVFpRmQyZHlwV1N4LVdx\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266\u0026format=r3%7Cs\u0026nocache=5141725510295225\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1725510295239\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=1479\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=667606770\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:55.626Z","timestamp":1725510295626,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:15:31 GMT","end":"Mon, 28 Oct 2024 07:15:30 GMT"},"fingerprint":{"sha1":"6C:DD:E8:38:9C:56:23:58:B5:BF:84:3B:D0:2B:24:C7:10:3E:89:C3","sha256":"47:8D:1A:C6:01:94:5F:62:7D:06:07:FE:6F:6D:76:F6:FB:C2:99:03:8E:F9:B9:52:AB:16:A0:13:55:AF:56:22"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23000000 HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 270\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Sep 2024 15:23:55 GMT\r\nexpires: Thu, 05 Sep 2024 14:23:55 GMT\r\ncache-control: public, max-age=82800\r\nage: 46860\r\nlast-modified: Thu, 20 Jul 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":270,"size_decoded":391,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"78d29b2362fcb5dee6fe8111c4f1c53b","sha1":"5019bfbd17efb89c68be43d489ebf98d7d707119","sha256":"008270530fe4a3f4bcbec41da05d40361aca8edf374a464c70d5cacfb8e06fd4","sha512":"af58e57cff86442af1f0b258276a751c0d0499b4b0d1379e8405069af078bb31bb7522cd63f3b0b0f6d02c1dd883189d3511866fe303fba302aa76982cd54a18","ssdeep":"","tlshash":"9fe061fb81446d048a4543b0ed09b7a846eff076539d91b7c1e0e6fcb0448da6cd2745","first_seen":"2023-05-08T11:49:16Z","last_seen":"2026-03-01T19:00:52.58765Z","times_seen":11625,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":100,"dns":2,"connect":23,"send":0,"wait":22,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23000000","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=4449419535\u0026channel=exp-0046%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3MjU1MTAyOTQmdGNpZD13dzE2LnZvZnljb3QuY29tNjZkOTMyOTY5YzMyNTEuODc4NDQ1MTgmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPUc1Z3gySVFpRmQyZHlwV1N4LVdx\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266\u0026format=r3%7Cs\u0026nocache=5141725510295225\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1725510295239\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=1479\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=667606770\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:55.624Z","timestamp":1725510295624,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:15:31 GMT","end":"Mon, 28 Oct 2024 07:15:30 GMT"},"fingerprint":{"sha1":"6C:DD:E8:38:9C:56:23:58:B5:BF:84:3B:D0:2B:24:C7:10:3E:89:C3","sha256":"47:8D:1A:C6:01:94:5F:62:7D:06:07:FE:6F:6D:76:F6:FB:C2:99:03:8E:F9:B9:52:AB:16:A0:13:55:AF:56:22"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23000000 HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 173\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Sep 2024 21:18:26 GMT\r\nexpires: Thu, 05 Sep 2024 20:18:26 GMT\r\ncache-control: public, max-age=82800\r\nage: 25589\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":173,"size_decoded":200,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a12df2436667e359ab4623080d0a6fed","sha1":"e62f87b1d55545c0836af1cd8d849b41d9ed5f4f","sha256":"245be54e1421d7f071cc82866858258d5be20e08b1ffaeb4d7f59106d1805fd6","sha512":"e73926bbc4f11c6245517744c42e80635951f4ec2352eeebdb07a3a1e808f1cd08db838c54596728f4c1346fb4b6cde76851662bbe16cb6f409f7b274268e152","ssdeep":"","tlshash":"d8d02292c2186d28c51e82f0c37c712a00ea70a2238c00ccfa81a300720c8abb861668","first_seen":"2023-05-09T10:40:20Z","last_seen":"2026-03-01T19:00:52.571164Z","times_seen":68919,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":114,"dns":1,"connect":21,"send":0,"wait":21,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:55.957266075Z","timestamp":1725510295957,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 05 Sep 2024 04:24:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"07b513c36c651c31e209c138dc2e2df4","sha1":"ad48d12abf234e45aabb676048f3f95f9439ff92","sha256":"552ce487b838e981ca1e2cbccaf0da79dc8525776fb1cea4a64d29c47af6696a","sha512":"f7af54461176717a931e639cc5b6ef07e72f5d5e0620379835c81095852c9c80401d74b975cfb89ed814d323593fcee73aa70bbd899927b987020365b20579fe","ssdeep":"","tlshash":"c2f0d4a963f0794eb815172412dceaf51d310a041db83a05267e98c757586fd050ce7e","first_seen":"2024-09-04T18:06:59Z","last_seen":"2024-09-19T22:40:53.184891Z","times_seen":738,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:56.53309511Z","timestamp":1725510296533,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A\"\r\nLast-Modified: Mon, 02 Sep 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7576\r\nExpires: Thu, 05 Sep 2024 06:31:12 GMT\r\nDate: Thu, 05 Sep 2024 04:24:56 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c96a4972e341191f93e963880196f8e1","sha1":"8318aa6dcbdababe8728023ec9ef3aaac10917a9","sha256":"dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a","sha512":"421ac0df88874013ca3d60effb579ccd6e51ef8474cd8656e2632446e6706ce125bd3044bf5ed5826ba1bc65a9b4464617a17758a343c993914c3b07368940cb","ssdeep":"","tlshash":"16f00eb326717a418cf84c21d8cac02e0e28777d058341670a169af36aa17fe150040c","first_seen":"2024-09-02T19:32:31Z","last_seen":"2024-09-19T23:09:22.857014Z","times_seen":21388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:56.534222992Z","timestamp":1725510296534,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A\"\r\nLast-Modified: Mon, 02 Sep 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7576\r\nExpires: Thu, 05 Sep 2024 06:31:12 GMT\r\nDate: Thu, 05 Sep 2024 04:24:56 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c96a4972e341191f93e963880196f8e1","sha1":"8318aa6dcbdababe8728023ec9ef3aaac10917a9","sha256":"dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a","sha512":"421ac0df88874013ca3d60effb579ccd6e51ef8474cd8656e2632446e6706ce125bd3044bf5ed5826ba1bc65a9b4464617a17758a343c993914c3b07368940cb","ssdeep":"","tlshash":"16f00eb326717a418cf84c21d8cac02e0e28777d058341670a169af36aa17fe150040c","first_seen":"2024-09-02T19:32:31Z","last_seen":"2024-09-19T23:09:22.857014Z","times_seen":21388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:24:56.535298472Z","timestamp":1725510296535,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A\"\r\nLast-Modified: Mon, 02 Sep 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7576\r\nExpires: Thu, 05 Sep 2024 06:31:12 GMT\r\nDate: Thu, 05 Sep 2024 04:24:56 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c96a4972e341191f93e963880196f8e1","sha1":"8318aa6dcbdababe8728023ec9ef3aaac10917a9","sha256":"dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a","sha512":"421ac0df88874013ca3d60effb579ccd6e51ef8474cd8656e2632446e6706ce125bd3044bf5ed5826ba1bc65a9b4464617a17758a343c993914c3b07368940cb","ssdeep":"","tlshash":"16f00eb326717a418cf84c21d8cac02e0e28777d058341670a169af36aa17fe150040c","first_seen":"2024-09-02T19:32:31Z","last_seen":"2024-09-19T23:09:22.857014Z","times_seen":21388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=xd3p15u4e1v5\u0026aqid=lzLZZuvSFvKAxdwP1YKtkAs\u0026pbt=bs\u0026adbx=490\u0026adby=1287.6500244140625\u0026adbh=17\u0026adbw=300\u0026adbn=slave-1-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=667606770\u0026csala=11%7C0%7C234%7C94%7C45\u0026lle=0\u0026ifv=0\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:57.107Z","timestamp":1725510297107,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:28:52 GMT","end":"Mon, 28 Oct 2024 07:28:51 GMT"},"fingerprint":{"sha1":"DE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52","sha256":"44:AF:5D:6A:79:40:9A:8C:26:82:91:EF:65:CE:6A:06:1A:40:54:7B:B1:31:6A:F4:83:CD:20:9B:31:C8:5C:28"}}},"request":{"raw":"GET /afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=xd3p15u4e1v5\u0026aqid=lzLZZuvSFvKAxdwP1YKtkAs\u0026pbt=bs\u0026adbx=490\u0026adby=1287.6500244140625\u0026adbh=17\u0026adbw=300\u0026adbn=slave-1-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=667606770\u0026csala=11%7C0%7C234%7C94%7C45\u0026lle=0\u0026ifv=0\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_m6FxunLm5mWTStfvn6l4w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Thu, 05 Sep 2024 04:24:57 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T00:28:25.325726Z","times_seen":14980871,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=mbcljuxm7er3\u0026aqid=lzLZZuvSFvKAxdwP1YKtkAs\u0026psid=4449419535\u0026pbt=bs\u0026adbx=232\u0026adby=151.64999389648438\u0026adbh=530\u0026adbw=816\u0026adbah=161%2C161%2C161\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=667606770\u0026csala=26%7C0%7C219%7C94%7C45\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:57.105Z","timestamp":1725510297105,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:28:52 GMT","end":"Mon, 28 Oct 2024 07:28:51 GMT"},"fingerprint":{"sha1":"DE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52","sha256":"44:AF:5D:6A:79:40:9A:8C:26:82:91:EF:65:CE:6A:06:1A:40:54:7B:B1:31:6A:F4:83:CD:20:9B:31:C8:5C:28"}}},"request":{"raw":"GET /afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=mbcljuxm7er3\u0026aqid=lzLZZuvSFvKAxdwP1YKtkAs\u0026psid=4449419535\u0026pbt=bs\u0026adbx=232\u0026adby=151.64999389648438\u0026adbh=530\u0026adbw=816\u0026adbah=161%2C161%2C161\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=667606770\u0026csala=26%7C0%7C219%7C94%7C45\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-FuO8zld7W3yOxZ5HnHfpbA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Thu, 05 Sep 2024 04:24:57 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T00:28:25.325726Z","times_seen":14980871,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=6cc92uyiookg\u0026aqid=lzLZZuvSFvKAxdwP1YKtkAs\u0026psid=4449419535\u0026pbt=bv\u0026adbx=232\u0026adby=151.64999389648438\u0026adbh=530\u0026adbw=816\u0026adbah=161%2C161%2C161\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=667606770\u0026csala=26%7C0%7C219%7C94%7C45\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:57.606Z","timestamp":1725510297606,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:28:52 GMT","end":"Mon, 28 Oct 2024 07:28:51 GMT"},"fingerprint":{"sha1":"DE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52","sha256":"44:AF:5D:6A:79:40:9A:8C:26:82:91:EF:65:CE:6A:06:1A:40:54:7B:B1:31:6A:F4:83:CD:20:9B:31:C8:5C:28"}}},"request":{"raw":"GET /afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=6cc92uyiookg\u0026aqid=lzLZZuvSFvKAxdwP1YKtkAs\u0026psid=4449419535\u0026pbt=bv\u0026adbx=232\u0026adby=151.64999389648438\u0026adbh=530\u0026adbw=816\u0026adbah=161%2C161%2C161\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=667606770\u0026csala=26%7C0%7C219%7C94%7C45\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-SvRI9rwPycJPHkctQ6aJVw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Thu, 05 Sep 2024 04:24:57 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T00:28:25.325726Z","times_seen":14980871,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20240905-1419-507b-a130-7445afcf7de5","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:24:54.439Z","timestamp":1725510294439,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww16.vofycot.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Thu, 02 Nov 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"77:E9:D4:A2:BA:16:65:DB:42:BE:75:37:14:8C:76:AC:69:F6:79:69","sha256":"35:FC:2C:4E:46:BE:81:6A:DF:9F:FD:53:6B:0C:DA:1C:B9:F1:BF:8B:45:09:D0:DE:8A:54:86:04:AF:F1:84:43"}}},"request":{"raw":"GET /login.php?sub1=20240905-1419-507b-a130-7445afcf7de5 HTTP/1.1\r\nHost: ww16.vofycot.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 05 Sep 2024 04:24:54 GMT\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nlast-modified: Thu, 05 Sep 2024 04:24:54 GMT\r\npragma: no-cache\r\nserver: Parking/1.0\r\nvary: Accept-Encoding\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_D33CHcRb/H/d0WFGn1XKsLY1o2L0w7DhWAaNk0IjvodExx1V0a+TdKGvqnAl0M5Tyld7HgJrJpvB+P1WwteUkw==\r\nx-cache-miss-from: parking-fb7ffd9b7-czb9t\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25457,"size_decoded":25457,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T00:28:25.325726Z","times_seen":14980871,"resource_available":true,"data":null}},"time_used":407,"timings":{"blocked":173,"dns":1,"connect":24,"send":0,"wait":57,"receive":0,"ssl":147},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-04","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=4449419535\u0026channel=exp-0046%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3MjU1MTAyOTQmdGNpZD13dzE2LnZvZnljb3QuY29tNjZkOTMyOTY5YzMyNTEuODc4NDQ1MTgmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPUc1Z3gySVFpRmQyZHlwV1N4LVdx\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266\u0026format=r3%7Cs\u0026nocache=5141725510295225\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1725510295239\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=1479\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=667606770\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20240905-1419-507b-a130-7445afcf7de5","date":"2024-09-05T04:24:55.459Z","timestamp":1725510295459,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Aug 2024 07:28:52 GMT","end":"Mon, 28 Oct 2024 07:28:51 GMT"},"fingerprint":{"sha1":"DE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52","sha256":"44:AF:5D:6A:79:40:9A:8C:26:82:91:EF:65:CE:6A:06:1A:40:54:7B:B1:31:6A:F4:83:CD:20:9B:31:C8:5C:28"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Thu, 05 Sep 2024 04:24:55 GMT\r\nexpires: Thu, 05 Sep 2024 04:24:55 GMT\r\ncache-control: private, max-age=3600\r\netag: \"5040061370915620560\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":153711,"size_decoded":153711,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1618)","md5":"2d20019926893df545dd72d0cac61cb7","sha1":"51f1535cb24ea8b489d1bc4c2156a5e4ea0e4513","sha256":"777a7a4535c637ced6b7467bc55f42dd936506a32d787c678133d22c7193bdef","sha512":"2913270910bd259bb1667a2167d394aa447a955dfb34d16bbc6122174a806cd8fdd78fff9b4d79b818d00686abe88a4b5a58fc88af4b86cdc082290bd2ada397","ssdeep":"1536:LX/xbg4DuPemooPy7WnHPh4a2EwG19OxHRdjhJBjDSc4Y52kovgwlZXqjzsZ1Dsb:w59cjhJB7wkeesZtpmqc+VHu","tlshash":"5fe35c9d73a5703253a394b4603f528fb23af965e80849b4b098c8e47cb5da84277f7d","first_seen":"2024-08-28T20:12:34Z","last_seen":"2024-09-20T20:15:49.04462Z","times_seen":906,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}