| r10.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash8d2e6150f7d0845dc26f5bd5cd6f28dd 6aad5091620585a5f76065c1888456ee70b88257 ed538ea400323f4c987f91c0b0afc79a8526b62f7aa317dd62bd107cb37850a2
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "ED538EA400323F4C987F91C0B0AFC79A8526B62F7AA317DD62BD107CB37850A2"
Last-Modified: Tue, 03 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4933
Expires: Thu, 05 Sep 2024 05:47:05 GMT
Date: Thu, 05 Sep 2024 04:24:52 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash66fbf7f95cb55f388373a20d4b1a736e afc34259758a563362367848629ff7639982e1fb 41c00088afc20571f6a0c6998324d9517346256ac33696dc706192ec606fe7a7
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41C00088AFC20571F6A0C6998324D9517346256AC33696DC706192EC606FE7A7"
Last-Modified: Mon, 02 Sep 2024 12:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3627
Expires: Thu, 05 Sep 2024 05:25:19 GMT
Date: Thu, 05 Sep 2024 04:24:52 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash3b182d2525d361002ced8590b8a9ce07 12cd4e482375e47fdc8cde29fe98a6e3498260df 62ed97a3678824305419366056fd0bee73359522822ca42a16fabdcc3ad982be
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "62ED97A3678824305419366056FD0BEE73359522822CA42A16FABDCC3AD982BE"
Last-Modified: Mon, 02 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3551
Expires: Thu, 05 Sep 2024 05:24:04 GMT
Date: Thu, 05 Sep 2024 04:24:53 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashcabaaa7c3e6a621cc5836be05eee4924 c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8 2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C"
Last-Modified: Mon, 02 Sep 2024 14:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13617
Expires: Thu, 05 Sep 2024 08:11:50 GMT
Date: Thu, 05 Sep 2024 04:24:53 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP23.33.119.57:0 ASN#20940 Akamai International B.V.
Hashd162637a890a120ea9fe0bf684ef3ac6 b3a7125b1ee77b5530fa4bf0cb5b02d48112e4bf 52f4405623a5c3ee5f112869fa781af221a380c7a29a02b20db65d251b385ffe
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "52F4405623A5C3EE5F112869FA781AF221A380C7A29A02B20DB65D251B385FFE"
Last-Modified: Wed, 04 Sep 2024 22:49:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10515
Expires: Thu, 05 Sep 2024 07:20:08 GMT
Date: Thu, 05 Sep 2024 04:24:53 GMT
Connection: keep-alive
|
|
| ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 | 199.59.243.226 | 200 OK | 1.2 kB |
URL User Request GET HTTP/1.1ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 IP199.59.243.226:443
CertificateIssuerLet's Encrypt Subjectww25.lyxynyx.com FingerprintF8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA ValidityWed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File typeHTML document, ASCII text, with very long lines (450) Hash531936c0e7239656fe85d2409851f2f4 67296ceca277abae53005d21c0523aae4f5c6658 04aecdbac1faa3505fbf028deed8be1e50d50d20d3cedd9151aba13c38ebe5bc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Sep 2024 04:24:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1182
X-Request-Id: a56d9f50-57d2-4bc8-b55b-4e19c35369cb
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_F7qTNk77n3XgfGncFhWtc2ee155h9AHSjWA4QwUXIMOhQv9DQhnbT6XHJAuLh5+mXaJAp6odqtfIbwclBePpcQ==
Set-Cookie: parking_session=a56d9f50-57d2-4bc8-b55b-4e19c35369cb; expires=Thu, 05 Sep 2024 04:39:53 GMT; path=/
Connection: close
|
|
| ww25.lyxynyx.com/bxFSqqhXn.js | 199.59.243.226 | 200 OK | 34 kB |
URL GET HTTP/1.1ww25.lyxynyx.com/bxFSqqhXn.js IP199.59.243.226:443
Requested byhttps://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerLet's Encrypt Subjectww25.lyxynyx.com FingerprintF8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA ValidityWed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (34190) Hashe2ec36d427fa4a992d76c0ee5e8dfd4d 47ec4ace4851c6c3a4fe23ad2c842885f6d973f2 36488e81afcbc4d7018b8764c18032b10be21aa45521c9671fde0cc77f70b2d8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bxFSqqhXn.js HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2
Cookie: parking_session=a56d9f50-57d2-4bc8-b55b-4e19c35369cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Sep 2024 04:24:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 34193
X-Request-Id: 5d2a3023-cc46-42ba-8bc4-4168c38b83d3
Set-Cookie: parking_session=a56d9f50-57d2-4bc8-b55b-4e19c35369cb; expires=Thu, 05 Sep 2024 04:39:53 GMT
Connection: close
|
|
| ww25.lyxynyx.com/_fd?subid1=20240905-1419-4525-9f28-34baff643cb2 | 199.59.243.226 | 200 OK | 5.7 kB |
URL POST HTTP/1.1ww25.lyxynyx.com/_fd?subid1=20240905-1419-4525-9f28-34baff643cb2 IP199.59.243.226:443
Requested byhttps://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerLet's Encrypt Subjectww25.lyxynyx.com FingerprintF8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA ValidityWed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File typeASCII text, with very long lines (5653), with no line terminators Hashdb385b4f23b0329a3a3eb631b1691a78 1361e480bee3f6dd325e78ffe432dc87f706936a 8e64c54c0d1758c62919b37e599ecc148ff406f6c54cd657e9e78dce695b8add
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /_fd?subid1=20240905-1419-4525-9f28-34baff643cb2 HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2
Content-Type: application/json
Origin: https://ww25.lyxynyx.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=a56d9f50-57d2-4bc8-b55b-4e19c35369cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
Date: Thu, 05 Sep 2024 04:24:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5653
X-Request-Id: f34e5251-d2a8-430b-ab8f-4327e0720abd
Set-Cookie: parking_session=a56d9f50-57d2-4bc8-b55b-4e19c35369cb; expires=Thu, 05 Sep 2024 04:39:54 GMT
Connection: close
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashd6875ab4d1f40fdd82800bb2916ffdaa 08e6c7376a94fff8a2f866e618ccf0e3c77ec95f 93239f8b1fa17d7455695a59fb32d1b65245bd4977a603f51bd99081d9875068
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash1f670fa28d5c6ef87e4710463b432ca2 09a24777e21604e22cd405bbe6a8431c941b3004 85b36ccf1ea067b39c6f5d62c9f731307b326c417d2fa020451cbe51a2ad6de7
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash1ac1d5b146c70db6ae03ff6462c6f44d 259beab043004a9c549375a59c6e15e5d06b64b2 937adb716430d12600166e69ec70e202be5f7ab83319452de4e9a94af2aaedb9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol417%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240905-1419-4525-9f28-34baff643cb2&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=6401725510294311&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1725510294312&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=667606770&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20240905-1419-4525-9f28-34baff643cb2 | 142.250.74.142 | 200 OK | 2.8 kB |
URL GET HTTP/2syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol417%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240905-1419-4525-9f28-34baff643cb2&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=6401725510294311&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1725510294312&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=667606770&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20240905-1419-4525-9f28-34baff643cb2 IP142.250.74.142:443
Requested byhttps://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintDE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52 ValidityMon, 05 Aug 2024 07:28:52 GMT - Mon, 28 Oct 2024 07:28:51 GMT
File typeHTML document, ASCII text, with very long lines (13270) Hashadab90172fa5c154e6a87e6a6ff96ce7 8ef8a07cd94eb0f31897bcd0da9fd9b0aa1bc846 78cea0f94c9926009e2f223cc6fb0b7eb4c3917b758bdf4dd8f13927053d9d8e
GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol417%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240905-1419-4525-9f28-34baff643cb2&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=6401725510294311&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1725510294312&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=667606770&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20240905-1419-4525-9f28-34baff643cb2 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 05 Sep 2024 04:24:54 GMT
expires: Thu, 05 Sep 2024 04:24:54 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-QttX5BXTBknCIBBY0_pS7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/adsense/domains/caf.js?abp=1&bodis=true | 142.250.74.132 | 200 OK | 56 kB |
URL GET HTTP/2www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP142.250.74.132:443
Requested byhttps://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerGoogle Trust Services Subjectwww.google.com FingerprintE5:F5:76:67:A7:F7:FE:5F:BF:24:ED:E2:9A:3C:07:64:0E:70:74:AA ValidityMon, 05 Aug 2024 07:19:58 GMT - Mon, 28 Oct 2024 07:19:57 GMT
File typegzip compressed data, max compression Hashcfa25993e37a7d8d804e54f6f25e4831 0e02be5c86b77df63156673c1988b8b794676d61 93f84e4f46487f27dcfc2b38b07ef87f13597b0175ee39f3068a19b9ef2fad08
GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 05 Sep 2024 04:24:54 GMT
expires: Thu, 05 Sep 2024 04:24:54 GMT
cache-control: private, max-age=3600
etag: "18226369613877740351"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash07b513c36c651c31e209c138dc2e2df4 ad48d12abf234e45aabb676048f3f95f9439ff92 552ce487b838e981ca1e2cbccaf0da79dc8525776fb1cea4a64d29c47af6696a
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff | 142.250.74.97 | 200 OK | 278 B |
URL GET HTTP/2afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff IP142.250.74.97:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol417%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240905-1419-4525-9f28-34baff643cb2&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=6401725510294311&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1725510294312&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=667606770&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerGoogle Trust Services Subject*.googleusercontent.com Fingerprint6C:DD:E8:38:9C:56:23:58:B5:BF:84:3B:D0:2B:24:C7:10:3E:89:C3 ValidityMon, 05 Aug 2024 07:15:31 GMT - Mon, 28 Oct 2024 07:15:30 GMT
File typeSVG Scalable Vector Graphics image Hashfe7dd8c3c629cc6e9cd6d3e4d3cbe905 59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18 5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Sep 2024 07:30:22 GMT
expires: Thu, 05 Sep 2024 06:30:22 GMT
cache-control: public, max-age=82800
age: 75272
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash07b513c36c651c31e209c138dc2e2df4 ad48d12abf234e45aabb676048f3f95f9439ff92 552ce487b838e981ca1e2cbccaf0da79dc8525776fb1cea4a64d29c47af6696a
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ww25.lyxynyx.com/_tr | 199.59.243.226 | 200 OK | 2 B |
IP199.59.243.226:443
Requested byhttps://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerLet's Encrypt Subjectww25.lyxynyx.com FingerprintF8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA ValidityWed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /_tr HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2
Content-Type: application/json
Content-Length: 1945
Origin: https://ww25.lyxynyx.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=a56d9f50-57d2-4bc8-b55b-4e19c35369cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Sep 2024 04:24:54 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
X-Request-Id: c2263871-cd0b-42e7-bbd0-9484c717c3ee
Set-Cookie: parking_session=a56d9f50-57d2-4bc8-b55b-4e19c35369cb; expires=Thu, 05 Sep 2024 04:39:54 GMT
Connection: close
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b | 142.250.74.97 | 200 OK | 174 B |
URL GET HTTP/2afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b IP142.250.74.97:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol417%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240905-1419-4525-9f28-34baff643cb2&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=6401725510294311&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1725510294312&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=667606770&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerGoogle Trust Services Subject*.googleusercontent.com Fingerprint6C:DD:E8:38:9C:56:23:58:B5:BF:84:3B:D0:2B:24:C7:10:3E:89:C3 ValidityMon, 05 Aug 2024 07:15:31 GMT - Mon, 28 Oct 2024 07:15:30 GMT
File typeSVG Scalable Vector Graphics image Hashd47125b2ba92be53dcff07ba322ce1de e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28 5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Sep 2024 12:03:33 GMT
expires: Thu, 05 Sep 2024 11:03:33 GMT
cache-control: public, max-age=82800
age: 58881
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash07b513c36c651c31e209c138dc2e2df4 ad48d12abf234e45aabb676048f3f95f9439ff92 552ce487b838e981ca1e2cbccaf0da79dc8525776fb1cea4a64d29c47af6696a
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r11.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP23.33.119.57:0 ASN#20940 Akamai International B.V.
Hashc96a4972e341191f93e963880196f8e1 8318aa6dcbdababe8728023ec9ef3aaac10917a9 dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A"
Last-Modified: Mon, 02 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7549
Expires: Thu, 05 Sep 2024 06:30:44 GMT
Date: Thu, 05 Sep 2024 04:24:55 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP23.33.119.57:0 ASN#20940 Akamai International B.V.
Hashc96a4972e341191f93e963880196f8e1 8318aa6dcbdababe8728023ec9ef3aaac10917a9 dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A"
Last-Modified: Mon, 02 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7549
Expires: Thu, 05 Sep 2024 06:30:44 GMT
Date: Thu, 05 Sep 2024 04:24:55 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP23.33.119.57:0 ASN#20940 Akamai International B.V.
Hashc96a4972e341191f93e963880196f8e1 8318aa6dcbdababe8728023ec9ef3aaac10917a9 dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A"
Last-Modified: Mon, 02 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7549
Expires: Thu, 05 Sep 2024 06:30:44 GMT
Date: Thu, 05 Sep 2024 04:24:55 GMT
Connection: keep-alive
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=mzb678bh06pd&aqid=ljLZZq2TG9PIxdwP75rTuQI&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=667606770&csala=5%7C0%7C283%7C69%7C11&lle=0&ifv=1&hpt=0 | 142.250.74.142 | 204 No Content | 0 B |
URL GET HTTP/3syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=mzb678bh06pd&aqid=ljLZZq2TG9PIxdwP75rTuQI&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=667606770&csala=5%7C0%7C283%7C69%7C11&lle=0&ifv=1&hpt=0 IP142.250.74.142:443
Requested byhttps://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintDE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52 ValidityMon, 05 Aug 2024 07:28:52 GMT - Mon, 28 Oct 2024 07:28:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=mzb678bh06pd&aqid=ljLZZq2TG9PIxdwP75rTuQI&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=667606770&csala=5%7C0%7C283%7C69%7C11&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_oIjSoqoOGbW2eH4qLzFag' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 05 Sep 2024 04:24:56 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=yvt51n7ez7sc&aqid=ljLZZq2TG9PIxdwP75rTuQI&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=667606770&csala=5%7C0%7C283%7C69%7C11&lle=0&ifv=1&hpt=0 | 142.250.74.142 | 204 No Content | 0 B |
URL GET HTTP/3syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=yvt51n7ez7sc&aqid=ljLZZq2TG9PIxdwP75rTuQI&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=667606770&csala=5%7C0%7C283%7C69%7C11&lle=0&ifv=1&hpt=0 IP142.250.74.142:443
Requested byhttps://ww25.lyxynyx.com/login.php?subid1=20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintDE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52 ValidityMon, 05 Aug 2024 07:28:52 GMT - Mon, 28 Oct 2024 07:28:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=yvt51n7ez7sc&aqid=ljLZZq2TG9PIxdwP75rTuQI&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=667606770&csala=5%7C0%7C283%7C69%7C11&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Qc_AIahzyomNRf4V1_nngQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 05 Sep 2024 04:24:56 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| syndicatedsearch.goog/adsense/domains/caf.js | 142.250.74.142 | 200 OK | 63 kB |
URL GET HTTP/3syndicatedsearch.goog/adsense/domains/caf.js IP142.250.74.142:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol417%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240905-1419-4525-9f28-34baff643cb2&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=6401725510294311&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1725510294312&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=667606770&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20240905-1419-4525-9f28-34baff643cb2 CertificateIssuerGoogle Trust Services Subjectsyndicatedsearch.goog FingerprintDE:8D:5C:FE:24:EB:DA:BC:82:53:9F:0F:0E:84:76:6B:17:A1:29:52 ValidityMon, 05 Aug 2024 07:28:52 GMT - Mon, 28 Oct 2024 07:28:51 GMT
File typegzip compressed data, max compression Hasha7da4c214dcbacb2e13e2b72a737ccdf fbf2c4687b7039c5070611dcf2524eb60f381af0 9e1b8165f8811decf00155b9aa4ebb631c6155ea122df0a79745a037a881f263
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 05 Sep 2024 04:24:54 GMT
expires: Thu, 05 Sep 2024 04:24:54 GMT
cache-control: private, max-age=3600
etag: "12782951780403774167"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|