| ww1.passas.us/?usid=27&utid=5737125449 | 64.190.63.136 | 200 OK | 7.1 kB |
URL User Request GET HTTP/1.1ww1.passas.us/?usid=27&utid=5737125449 IP64.190.63.136:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10567) Hash5dbe54dbcaeef81e910cff30c0ee3043 4d56217b17c73c31ce4249183624ef8341a6d191 ee1e133537d3a86b409598f26f99b487fedfdb298a86c3b8a5aa9b85c39ababa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to *.passas.us Domain (Sitelutions) |
GET /?usid=27&utid=5737125449 HTTP/1.1
Host: ww1.passas.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 10:37:08 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_hJFoR35lxj3ODFXtJp0S7re2sNnovhvyjCCOnE1rB2I/uTLbvCsXyHq0e9oOr0bj7Z3LE+PSydWAlwhg80wWyg==
last-modified: Thu, 18 Apr 2024 10:37:08 GMT
x-cache-miss-from: parking-d5776bf9c-sqjzl
server: NginX
content-encoding: gzip
|
|
| www.google.com/adsense/domains/caf.js | 142.250.74.164 | 200 OK | 74 kB |
URL GET HTTP/1.1www.google.com/adsense/domains/caf.js IP142.250.74.164:80
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449
File typeJavaScript source, ASCII text, with very long lines (2247) Hashb3392f1ceb5b4390e2513062f96c6f64 fcf8bb53156d0042957386fa4c3986e430fa6405 f10e8318b21c5d1ac38f2b83f35cdcd6448f228fc6b89113bc9d093648ee20f1
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.passas.us/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Thu, 18 Apr 2024 10:37:08 GMT
Expires: Thu, 18 Apr 2024 10:37:08 GMT
Cache-Control: private, max-age=3600
ETag: "784717859970832342"
X-Content-Type-Options: nosniff
Link: <https://syndicatedsearch.goog>; rel="preconnect"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
|
|
| img.sedoparking.com/templates/bg/arrows-curved.png | 205.234.175.175 | 200 OK | 14 kB |
URL GET HTTP/1.1img.sedoparking.com/templates/bg/arrows-curved.png IP205.234.175.175:80
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449
File typePNG image data, 413 x 594, 8-bit/color RGBA, non-interlaced Hash107694ee1e94990d97b7e58651ffd6a0 7dd9ae7badf78be01ea0623df1e90171348716ff 7aa2a3e9a9575a27f5593c3b0357423128c468a46ed20d284ce5a21555ee67bc
GET /templates/bg/arrows-curved.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.passas.us/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 10:37:08 GMT
Content-Type: image/png
Content-Length: 13502
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 25 Apr 2024 10:37:08 GMT
X-CFHash: "107694ee1e94990d97b7e58651ffd6a0"
X-CFF: B
Last-Modified: Tue, 12 Oct 2021 05:19:02 GMT
X-CF3: H
CF4Age: 238283
x-cf-tsc: 1711139574
CF4ttl: 31297716.000
X-CF2: H
Server: CFS 1124
X-CF-ReqID: afa176efd784fd06a809c18257c1fab7
X-CF1: 11696:fB.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
|
|
| parking.parklogic.com/page/enhance.js?pcId=2&domain=passas.us | 67.225.218.50 | 200 OK | 1.1 kB |
URL GET HTTP/1.1parking.parklogic.com/page/enhance.js?pcId=2&domain=passas.us IP67.225.218.50:80
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449
File typeJavaScript source, ASCII text Hash989a98c208e85f21b3e5ebf5e59a3b26 bb1372ce73c6c7ee547030e4340464d8d893e61e 491f5611044a8e4c1b8921bfdd70de5cc084c83d59ad2db25883796822f3e258
GET /page/enhance.js?pcId=2&domain=passas.us HTTP/1.1
Host: parking.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.passas.us/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 10:37:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/javascript
|
|
| ww1.passas.us/search/tsc.php?200=NDg5NDExODg3&21=OTEuOTAuNDIuMTU0&681=MTcxMzQzNjYyOGU4NDU0MmQ1NWVlYWZmZmZmNWM3YzBjOGM4OGI0MDk0&crc=8b3df3f178db4c379e880bbc1a542ca3e17c4110&cv=1 | 64.190.63.136 | 200 OK | 0 B |
URL GET HTTP/1.1ww1.passas.us/search/tsc.php?200=NDg5NDExODg3&21=OTEuOTAuNDIuMTU0&681=MTcxMzQzNjYyOGU4NDU0MmQ1NWVlYWZmZmZmNWM3YzBjOGM4OGI0MDk0&crc=8b3df3f178db4c379e880bbc1a542ca3e17c4110&cv=1 IP64.190.63.136:80
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to *.passas.us Domain (Sitelutions) |
GET /search/tsc.php?200=NDg5NDExODg3&21=OTEuOTAuNDIuMTU0&681=MTcxMzQzNjYyOGU4NDU0MmQ1NWVlYWZmZmZmNWM3YzBjOGM4OGI0MDk0&crc=8b3df3f178db4c379e880bbc1a542ca3e17c4110&cv=1 HTTP/1.1
Host: ww1.passas.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.passas.us/?usid=27&utid=5737125449
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 10:37:09 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.17
x-cache-miss-from: parking-d5776bf9c-jtrhh
server: NginX
|
|
| syndicatedsearch.goog/afs/ads/i/iframe.html | 142.250.74.78 | 200 OK | 728 B |
URL GET HTTP/2syndicatedsearch.goog/afs/ads/i/iframe.html IP142.250.74.78:443
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449 CertificateIssuerGoogle Trust Services LLC Subjectsyndicatedsearch.goog Fingerprint11:F3:4F:46:25:BD:42:30:18:9B:BA:23:35:18:C2:17:F8:9E:52:98 ValidityMon, 04 Mar 2024 07:27:32 GMT - Mon, 27 May 2024 07:27:31 GMT
File typeHTML document, ASCII text, with very long lines (1559) Hash781b79ea6341a5818f1e75bebb086bdc a9314c1f9e7851d962c3372f839c835fdda99b0c dcc91082c3af23895c58a3aecb88813a06387e8a944f83c2580a66b3c49c2dd9
GET /afs/ads/i/iframe.html HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.passas.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-ydlM5Z7LNhgUeNPPsgU5UQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 728
date: Thu, 18 Apr 2024 10:37:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 06:00:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C516795&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.passas.us%2Fcaf%2F%3Fses%3DY3JlPTE3MTM0MzY2MjgmdGNpZD13dzEucGFzc2FzLnVzNjYyMGY3ZDQ4OTc1MjkuNjUzNTE1MTEmdGFzaz1zZWFyY2gmZG9tYWluPXBhc3Nhcy51cyZhX2lkPTMmc2Vzc2lvbj1QZUZuMEptZm1HYlAtZE9pWVdqZw%3D%3D&type=3&uiopt=false&swp=as-drid-2486365152940696&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301447%2C17301454%2C17301466%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=3501713436629074&num=0&output=afd_ads&domain_name=ww1.passas.us&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713436629085&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=http%3A%2F%2Fww1.passas.us%2F%3Fusid%3D27%26utid%3D5737125449 | 142.250.74.78 | 200 OK | 561 B |
URL GET HTTP/2syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C516795&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.passas.us%2Fcaf%2F%3Fses%3DY3JlPTE3MTM0MzY2MjgmdGNpZD13dzEucGFzc2FzLnVzNjYyMGY3ZDQ4OTc1MjkuNjUzNTE1MTEmdGFzaz1zZWFyY2gmZG9tYWluPXBhc3Nhcy51cyZhX2lkPTMmc2Vzc2lvbj1QZUZuMEptZm1HYlAtZE9pWVdqZw%3D%3D&type=3&uiopt=false&swp=as-drid-2486365152940696&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301447%2C17301454%2C17301466%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=3501713436629074&num=0&output=afd_ads&domain_name=ww1.passas.us&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713436629085&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=http%3A%2F%2Fww1.passas.us%2F%3Fusid%3D27%26utid%3D5737125449 IP142.250.74.78:443
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449 CertificateIssuerGoogle Trust Services LLC Subjectsyndicatedsearch.goog Fingerprint11:F3:4F:46:25:BD:42:30:18:9B:BA:23:35:18:C2:17:F8:9E:52:98 ValidityMon, 04 Mar 2024 07:27:32 GMT - Mon, 27 May 2024 07:27:31 GMT
File typeHTML document, ASCII text, with very long lines (580) Hash30cad833b3257fde082125c4b4d88d7b b3bf5e536aef92e38318435a73b6626dba6ab561 79019f1580b0f05a3b9f621b381f0094137123a367212d6b168fef696c73675e
GET /afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C516795&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.passas.us%2Fcaf%2F%3Fses%3DY3JlPTE3MTM0MzY2MjgmdGNpZD13dzEucGFzc2FzLnVzNjYyMGY3ZDQ4OTc1MjkuNjUzNTE1MTEmdGFzaz1zZWFyY2gmZG9tYWluPXBhc3Nhcy51cyZhX2lkPTMmc2Vzc2lvbj1QZUZuMEptZm1HYlAtZE9pWVdqZw%3D%3D&type=3&uiopt=false&swp=as-drid-2486365152940696&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301447%2C17301454%2C17301466%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=3501713436629074&num=0&output=afd_ads&domain_name=ww1.passas.us&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713436629085&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=http%3A%2F%2Fww1.passas.us%2F%3Fusid%3D27%26utid%3D5737125449 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.passas.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 18 Apr 2024 10:37:09 GMT
expires: Thu, 18 Apr 2024 10:37:09 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fwCAt3_5Qambwrsknzrlsw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| parking.parklogic.com/page/scribe.php?pcId=2&domain=passas.us&pId=130&usid=27&utid=5737125449&query=null&domainJs=ww1.passas.us&path=/&ss=true&lp=1 | 67.225.218.50 | 200 OK | 50 B |
URL GET HTTP/1.1parking.parklogic.com/page/scribe.php?pcId=2&domain=passas.us&pId=130&usid=27&utid=5737125449&query=null&domainJs=ww1.passas.us&path=/&ss=true&lp=1 IP67.225.218.50:80
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449
Hash6c49fabfb0085d5601e8f4f9c31f148f b8084ecc8573ef572e52175eb219146e22b27a91 65677216950b148bb05b4e820f53dde24a0ee43782262849abe5069c9ceb7fae
GET /page/scribe.php?pcId=2&domain=passas.us&pId=130&usid=27&utid=5737125449&query=null&domainJs=ww1.passas.us&path=/&ss=true&lp=1 HTTP/1.1
Host: parking.parklogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.passas.us/
Origin: http://ww1.passas.us
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 10:37:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| img.sedoparking.com/templates/logos/sedo_logo.png | 205.234.175.175 | 200 OK | 15 kB |
URL GET HTTP/1.1img.sedoparking.com/templates/logos/sedo_logo.png IP205.234.175.175:80
Requested byhttp://ww1.passas.us/?usid=27&utid=5737125449
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Hashdef00c11b1596db4efee6a9fbe64fc27 bd298981e6d8d7e4ffa18abcf687041f4246672d 95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
GET /templates/logos/sedo_logo.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.passas.us/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 10:37:09 GMT
Content-Type: image/png
Content-Length: 15086
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 25 Apr 2024 10:37:09 GMT
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
X-CFF: B
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
X-CF3: H
CF4Age: 741679
x-cf-tsc: 1711642967
CF4ttl: 30794320.000
X-CF2: H
Server: CFS 1124
X-CF-ReqID: 518f7b6f066d95f3d0bb2cb87f18c25f
X-CF1: 11696:fB.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
|
|
| syndicatedsearch.goog/adsense/domains/caf.js | 142.250.74.78 | 200 OK | 191 kB |
URL GET HTTP/3syndicatedsearch.goog/adsense/domains/caf.js IP142.250.74.78:443
Requested byhttps://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C516795&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fww1.passas.us%2Fcaf%2F%3Fses%3DY3JlPTE3MTM0MzY2MjgmdGNpZD13dzEucGFzc2FzLnVzNjYyMGY3ZDQ4OTc1MjkuNjUzNTE1MTEmdGFzaz1zZWFyY2gmZG9tYWluPXBhc3Nhcy51cyZhX2lkPTMmc2Vzc2lvbj1QZUZuMEptZm1HYlAtZE9pWVdqZw%3D%3D&type=3&uiopt=false&swp=as-drid-2486365152940696&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301447%2C17301454%2C17301466%2C17301266&client_gdprApplies=1&format=r3%7Cs&nocache=3501713436629074&num=0&output=afd_ads&domain_name=ww1.passas.us&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713436629085&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=962&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=http%3A%2F%2Fww1.passas.us%2F%3Fusid%3D27%26utid%3D5737125449 CertificateIssuerGoogle Trust Services LLC Subjectsyndicatedsearch.goog Fingerprint11:F3:4F:46:25:BD:42:30:18:9B:BA:23:35:18:C2:17:F8:9E:52:98 ValidityMon, 04 Mar 2024 07:27:32 GMT - Mon, 27 May 2024 07:27:31 GMT
File typeJavaScript source, ASCII text, with very long lines (2247) Size191 kB (191022 bytes) Hash7c748195391da71093b3f5579405a3af 5b853f6ab6edd6988a206a15b4320d598dc5bd78 50cce44d0107fdb1fbb2dfd9cb4515031be44d0c296226f7a60f32e2f2fe5493
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 18 Apr 2024 10:37:09 GMT
expires: Thu, 18 Apr 2024 10:37:09 GMT
cache-control: private, max-age=3600
etag: "9912750840716823867"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|