{"report_id":"8debfd1f-edd7-4e30-9b75-8bdcbabc74e8","version":6,"status":"done","tags":[],"date":"2026-01-27T16:07:09Z","url":{"schema":"http","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"title":"exodus-request.com","dom":{"size":13924,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (13472)","md5":"0252acf7543c77b7c0a339835eea733d","sha1":"8b44889867b979ebc3651f9b9a5660cbbdf6eca1","sha256":"323dd9af97a2efa06ead6c4650c4fe3e62ecc8b0f3e474d5dd124dae4edf94d1","sha512":"cf82750965bb02fab0fa77afecd4a75af20467b42955fb503f074b3cc3a3cf4089dd7217b2ce99e572171d530a7730ac50ec7b900070759a0c63adb986567bd3","ssdeep":"96:GE/yk2iIlb5lphMzwronbo4tm0yXqM6vH5NKBrWjoOihMwDXw96DDMwDFw96D2rn:GE12iMpgbogm0yXqMcH5YBrJOiuuLZkN","tlshash":"af525437706227295507dc54172a6f6dd181d43ac4af36e848e35b25c7ebf828be228d","dom_hash":"domhash2ed4585b04f24e40a8cc74bea79526d0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-03T16:07:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-01-25T22:25:49.134356Z","alert_count":0,"request_count":1,"received_data":136856,"sent_data":482,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep1.adtrafficquality.google","ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3093,"first_seen":"2024-07-24T04:17:49Z","last_seen":"2026-01-25T22:51:34.492386Z","alert_count":0,"request_count":1,"received_data":11227,"sent_data":611,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep2.adtrafficquality.google","ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3229,"first_seen":"2024-08-13T12:56:28Z","last_seen":"2026-01-26T00:42:12.655339Z","alert_count":0,"request_count":2,"received_data":34546,"sent_data":1068,"comment":"","tags":null,"fingerprints":null},{"fqdn":"park-3rd.dynadot.com","ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"domain_registered":"2002-10-30","domain_rank":0,"first_seen":"2024-03-26T19:30:33Z","last_seen":"2026-01-21T12:29:06.667747Z","alert_count":0,"request_count":6,"received_data":80999,"sent_data":3006,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":65181,"first_seen":"2013-05-06T19:11:00Z","last_seen":"2026-01-25T22:51:37.689135Z","alert_count":0,"request_count":2,"received_data":2045,"sent_data":1006,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":20,"request_count":4,"received_data":52983,"sent_data":2454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":5365,"first_seen":"2023-09-25T09:30:59Z","last_seen":"2026-01-25T23:02:46.359879Z","alert_count":0,"request_count":4,"received_data":152916,"sent_data":3359,"comment":"","tags":null,"fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=ky%2BPixnIRvq%2Bnr63GCXRTw%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol116%2Cpid-bodis-gcontrol464%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497123494338338\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107\u0026format=r3\u0026nocache=3151769530008680\u0026num=0\u0026output=afd_ads\u0026domain_name=cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1769530008681\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=858536381\u0026rurl=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9169ff913a080bb635f7846fd2692a26","sha1":"186844fa4de846508e159f33c0e161aca70d885e","sha256":"18bc248b20114e46b4ddaf18687008633aa973be3be515f61e1d31d794195280","sha512":"69e929f514b6c0149b553c25a7d9d8086d8af0aed4fa59ba884c881312b22e220fc8a666dd1f2ed67910fdc41b26af50ec7c09e0bade771ff7beffffe6533471","ssdeep":"","tlshash":"f7f0c0d51d640132d86b20250c0f3fd12c5a69b133876640919fb48e307ebde61184ba","size":529,"data":"","first_seen":"2026-01-27T16:07:13.713094Z","last_seen":"2026-01-27T16:07:13.713094Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"park-3rd.dynadot.com/hp_script.js","fqdn":"park-3rd.dynadot.com","domain":"dynadot.com","tld":"com"},"ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3a38f9f90665f041fc2f74a7783d11f","sha1":"36a00e17f15f30e9bb864d42acf2614f0a6085af","sha256":"76b055d98452d34162573203254cbdaa9938774e55fae84d7e8a41b912522687","sha512":"fb6f924de583713b6c28699d7fbbf74afb85a748589de184ae0ee81daee90f9ee65289afa23e21cd8d0d27969b5a0ce4cfc6ca5afcf6d1add372b4f8e9c8b81e","ssdeep":"48:EVs9CntfQvSwXwRA7wTfwErWX0wR4tT0iWjv0CrrtreAf1JbgrzrH02cwTxWwEWh:tWadgRA7C3rMpZtgPrUGvERRjPMv3","tlshash":"fa9152be3246b7b35ea714d9f8abcc566870a7f2f10a8c70d090e492757cce91672d48","size":4289,"data":"","first_seen":"2023-03-07T01:03:14Z","last_seen":"2026-06-08T22:31:32.645657Z","times_seen":3545,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"82e5899d16442abb06e8b7117671685c","sha1":"78484c1aa7c7d9280a34dec759f0040e099fca64","sha256":"9e57082261fb1e75fa243ecee0b6ca16d1c204d5d04aab9e94e70314cef36ab4","sha512":"5e94b39e0b18585ed67c718ea0b8f5683691c6b149217e9f98c254b59fb5fb7155d9ab513f6aba1e896731faa508de7e19acf68f06f8b0b40a97f5535ab9c69e","ssdeep":"1536:zdCPHJJqchHyS0khmVfb9KUBl6c1OqYOuoXA2MyQOpXhgyX9USJaGs+0IoNYKS3j:Dbf8U6fqptXAEQSf7oN+3ld3P","tlshash":"68d34ccdb7a1302243a3a5b5607f414fb13ab869a40c84a4f199d8e87c74dad4237fbd","size":136147,"data":"","first_seen":"2026-01-26T17:52:48.62128Z","last_seen":"2026-01-27T18:22:31.962792Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/bHBhUQvVe.js","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6292838cdc9e2f07cf9ebcb6c5572ed","sha1":"cddac2c57fb63838cc59f3c5888df4487c983dc5","sha256":"9f0c2b4ac0f8a6ff3a79ffbfc06582977987d0865777e644431a83613a563525","sha512":"9e505566c45136445f2fd4794974368481c941b366a08d29e86fe239bd2afb56f64812ee7d1d2b791fe35dc9408d16c151857ee93fc63a269594710023b00f14","ssdeep":"768:TP2y1aNVc67n85NdxBB5gPAJOJ3GIqNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6o:mLalnEE0xNEGR+4l","tlshash":"d3134c667ab3d07046e2c9dae9b75215f238315a3006c06cf96cc8cb374e947d63a779","size":44626,"data":"","first_seen":"2026-01-14T16:56:54.59831Z","last_seen":"2026-02-01T02:48:24.724438Z","times_seen":3706,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"774f004c5f36130d4ee08601eccfe66f","sha1":"f305a52c114b7351ed8baf73f9db646e8b2a9581","sha256":"ce05d5f52d1308d9c3c3112fd6ecb136a3c3882ec7132bb3108ea3aae342fdae","sha512":"618cff31bc4ee7baa591589096cb7b36d072666f66aac2c5301ec2697ab1375fcad44ad7377faec11f2ced7038e2881d2b761b39b7492cd8e49b7b3921546bde","ssdeep":"1536:jdCPHJJqchHyS0khmVfb9KUBl6c1OqYOuoXA2MyQOpXhgyX9USJaGs+0IoNYKS3j:Tbf8U6fqptXAEQSf7oN+3ld3P","tlshash":"a9d34ccdb7a1302243a3a5b5607f414fb13ab869a40c84a4f199d8e87c74dad4237fbd","size":136140,"data":"","first_seen":"2026-01-26T16:05:32.888656Z","last_seen":"2026-01-27T18:22:56.897059Z","times_seen":83,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"25e6119e62d1ba8afd52ec0f623a82bd","sha1":"5a880ff68e376984e4bcd6a646026c67438ecbac","sha256":"dec2ecd2607f2e892cd7041307752b509b1ea8db61ec38cc3a5bb9664ac48f62","sha512":"31ca39bd744be12fc88109f84a02d66290fb50829c5f41c31f938fabeb121eb2463366edfdf6ba4ef5898cc922b1bcda29658506e4162f4f3044428db4b5ca40","ssdeep":"","tlshash":"5911cbc577a2e441813615abd50f144bf575e47758acb410e6a1c4e4acb0abb443ab06","size":956,"data":"","first_seen":"2025-03-12T19:00:14.122018Z","last_seen":"2026-02-26T17:00:03.80743Z","times_seen":79470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-08T22:15:03.619319Z","times_seen":213771,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"965303eee6035e7de07fd2b3d9756d9e","sha1":"4c73e2a18da6c8ffc98f66f97514af13c6f7677c","sha256":"b0478b6cbbd4eee879c8e5123f1c3a1f35fa6314f4c6634790c59df64a8ef6e7","sha512":"b30adc2e7d015cae8fbd00b6dd179e084b8b1558fac11056ef67c979f867f1f793c59fbc3e98b23210f9b139112ab305658920ac30a69a1c07492a9e82db2cf2","ssdeep":"","tlshash":"1de0f13914523e0da63739420fdf1f5d73d3904204742e97ebd05df3399c6592888581","size":405,"data":"","first_seen":"2026-01-27T16:07:13.715288Z","last_seen":"2026-01-27T16:07:13.715288Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","size":19990,"data":"","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:54:19 GMT","end":"Mon, 23 Mar 2026 19:54:18 GMT"},"fingerprint":{"sha1":"DE:97:03:23:1F:2A:0D:35:BC:AD:5B:0D:3A:8D:F7:46:24:F2:13:83","sha256":"92:22:77:78:24:45:44:5C:99:0D:7E:12:0F:61:27:E9:A4:73:0B:17:67:3A:8E:DF:5D:39:AE:9D:D6:EA:29:8E"}}},"request":{"raw":"GET /sodar/sodar2.js HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 7188\r\ndate: Tue, 27 Jan 2026 16:06:48 GMT\r\nexpires: Tue, 27 Jan 2026 16:06:48 GMT\r\ncache-control: private, max-age=3000\r\netag: \"1747411493688989\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19990,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1398)","md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":34,"dns":0,"connect":8,"send":0,"wait":20,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"park-3rd.dynadot.com/dynadot_logo.png","fqdn":"park-3rd.dynadot.com","domain":"dynadot.com","tld":"com"},"ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://park-3rd.dynadot.com/bodis_banner.html","date":"2026-01-27T16:06:48.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"park-3rd.dynadot.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 15 Jan 2026 23:54:37 GMT","end":"Wed, 15 Apr 2026 23:54:36 GMT"},"fingerprint":{"sha1":"E2:F0:D0:08:38:ED:59:AC:7E:0A:82:00:FF:D1:55:4A:61:D3:3E:67","sha256":"5C:7B:8D:4F:99:20:EA:DD:92:6B:3E:45:30:DB:BC:B1:1C:A3:8D:37:98:56:D2:64:A4:D7:F0:ED:2F:2E:23:3A"}}},"request":{"raw":"GET /dynadot_logo.png HTTP/1.1\r\nHost: park-3rd.dynadot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://park-3rd.dynadot.com/bodis_banner.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 27 Jan 2026 16:06:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 6328\r\nConnection: keep-alive\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: max-age=1209600\r\nExpires: Tue, 10 Feb 2026 16:06:49 GMT\r\nETag: 1761240483431\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6328,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 60, 8-bit/color RGBA, non-interlaced","md5":"5cb392f6833c1e67df4a5bc58d47f218","sha1":"e70bc7bf9d074970888e0ce423fa208c8041bde2","sha256":"c04fcc252da85c741bc4c8100539d6c29eb848d9f78fedb833c5f7e191bcb1fe","sha512":"27359e95f26e35c89ae69092b347ca277fd44730aeda59e59ed70d11e3dd90ae70d0b9a77cf5411b883ff8b6028c731415887b22b19d8dbe9143a9a8f78f73f1","ssdeep":"192:0gYKHylgDUMk0R9jMo2+iWJ1u6DIubZOirfBXOgSr:xYKHyi19Hi41uKbZe1r","tlshash":"f3d19e5a34a3a2bdc0e64766ae1315d0f27719c0c99672d05175bbfec5f82d0b0fa25c","first_seen":"2024-01-25T20:31:56Z","last_seen":"2026-01-31T11:23:37.037151Z","times_seen":2015,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":194,"dns":0,"connect":0,"send":0,"wait":158,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"park-3rd.dynadot.com/switzer/fonts/Switzer-Variable.woff2","fqdn":"park-3rd.dynadot.com","domain":"dynadot.com","tld":"com"},"ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://park-3rd.dynadot.com/bodis_banner.html","date":"2026-01-27T16:06:49.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"park-3rd.dynadot.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 15 Jan 2026 23:54:37 GMT","end":"Wed, 15 Apr 2026 23:54:36 GMT"},"fingerprint":{"sha1":"E2:F0:D0:08:38:ED:59:AC:7E:0A:82:00:FF:D1:55:4A:61:D3:3E:67","sha256":"5C:7B:8D:4F:99:20:EA:DD:92:6B:3E:45:30:DB:BC:B1:1C:A3:8D:37:98:56:D2:64:A4:D7:F0:ED:2F:2E:23:3A"}}},"request":{"raw":"GET /switzer/fonts/Switzer-Variable.woff2 HTTP/1.1\r\nHost: park-3rd.dynadot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://park-3rd.dynadot.com/switzer/css/switzer.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 27 Jan 2026 16:06:49 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 43220\r\nConnection: keep-alive\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: max-age=1209600\r\nExpires: Tue, 10 Feb 2026 16:06:49 GMT\r\nETag: 1761240483427\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43220,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 43220, version 1.0","md5":"4523d2c62663a8cf267dafbc456e5e98","sha1":"2a46d02291560d570407d0853baf711dd2f79a22","sha256":"d1bf801ffb1a6096def70a7c532255722ad87d948b13a8a586e342f7091f8ee4","sha512":"948af7a8c443b5651af5e20d0fef25338cabfe1c8fbbc593c3b8eb3f0138de26619de93d398b1e47ddc02f1e4027bf043d413639a603b808687cabdc1fc76ca1","ssdeep":"768:WbqDNK0akIHfDE+D7rE0zm4R0YN/FZM0TX0aQv/3giGENXis:/DNJaP/DE87I0afQFRTVJiys","tlshash":"b113020bbfc83d6d989288b937eab5b65cee33517a50200e382d3d5c53075ecde19619","first_seen":"2023-06-01T13:52:06Z","last_seen":"2026-06-08T22:31:32.637437Z","times_seen":4974,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":143,"dns":0,"connect":0,"send":0,"wait":357,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=ky%2BPixnIRvq%2Bnr63GCXRTw%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol116%2Cpid-bodis-gcontrol464%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497123494338338\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107\u0026format=r3\u0026nocache=3151769530008680\u0026num=0\u0026output=afd_ads\u0026domain_name=cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1769530008681\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=858536381\u0026rurl=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F","date":"2026-01-27T16:06:49.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:19 GMT","end":"Mon, 23 Mar 2026 19:52:18 GMT"},"fingerprint":{"sha1":"D7:C1:50:3A:11:E3:C8:E7:F2:5B:60:F3:9C:59:72:5D:F4:96:F9:59","sha256":"BE:6E:88:B4:65:AE:9C:C6:5D:EB:49:CD:32:9F:F9:53:53:20:88:32:AB:4E:FF:B6:AF:38:5B:A3:8A:FC:B7:76"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 27 Jan 2026 15:40:38 GMT\r\nexpires: Wed, 28 Jan 2026 14:40:38 GMT\r\ncache-control: public, max-age=82800\r\nage: 1571\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d47125b2ba92be53dcff07ba322ce1de","sha1":"e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28","sha256":"5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6","sha512":"78a1bf7547b1c28f600163689161955bc56a621ace3228c9169143be933ccf789fc6106bbf729f2e9483bcaa03271529d3913088094c7fb906b44673e13f1f92","ssdeep":"","tlshash":"72d02291d2286d38441e82e0c37c712200ee70a2230c10ccfa81a700720c8abb8a1668","first_seen":"2023-04-07T07:55:51Z","last_seen":"2026-02-01T02:48:24.72202Z","times_seen":175105,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":216,"dns":2,"connect":20,"send":0,"wait":9,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-27T16:06:47.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 12:44:35 GMT","end":"Mon, 27 Apr 2026 12:44:34 GMT"},"fingerprint":{"sha1":"C3:6F:E9:AD:6C:66:94:6D:AC:89:B4:0D:2F:67:CC:29:EA:86:CD:A2","sha256":"B7:90:A2:E2:4C:55:84:98:6F:40:37:93:B7:1F:C2:7A:94:05:F9:CC:A3:F3:CC:2A:DC:E2:98:59:ED:0B:90:C8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 27 Jan 2026 16:06:47 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 1154\r\nX-Request-Id: 4f026521-6556-4e7d-a023-322b008bce14\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: sec-ch-prefers-color-scheme\r\nCritical-Ch: sec-ch-prefers-color-scheme\r\nVary: sec-ch-prefers-color-scheme\r\nX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KU20hJhkrsNoszXnD4L6PGlsaHbYETBL3r7bBUeP7bU8QwooafR3xRuEKg2dolgw9UdXw0lEW1vH7kELovHIiA==\r\nSet-Cookie: parking_session=4f026521-6556-4e7d-a023-322b008bce14; expires=Tue, 27 Jan 2026 16:21:47 GMT; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1154,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (422)","md5":"f5b57c37a2b3712d102ccd53a75b021b","sha1":"9203dbc09f52c75cf439894f9ecdc4e50a268c5b","sha256":"a4ff1d6326507d5decdab941b90be241823c4e6f90f7ecf807755af2aa62fa93","sha512":"200cef595e2a0bbea5b957db353f90e30c081039b7e77b70b2cb47807d31214974077068a043e9b9a09c392f8e8c366c2d5a00d9e3b4f847deb02d8bab8f5e21","ssdeep":"","tlshash":"5721c63508525c0a35f10a800ef2ea0c8d43924a46202c92ffd8e8b76cccb95bc9d6c8","first_seen":"2026-01-27T16:07:13.69743Z","last_seen":"2026-01-27T16:07:13.69743Z","times_seen":1,"resource_available":false,"data":null}},"time_used":675,"timings":{"blocked":319,"dns":239,"connect":1,"send":0,"wait":37,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/bHBhUQvVe.js","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 12:44:35 GMT","end":"Mon, 27 Apr 2026 12:44:34 GMT"},"fingerprint":{"sha1":"C3:6F:E9:AD:6C:66:94:6D:AC:89:B4:0D:2F:67:CC:29:EA:86:CD:A2","sha256":"B7:90:A2:E2:4C:55:84:98:6F:40:37:93:B7:1F:C2:7A:94:05:F9:CC:A3:F3:CC:2A:DC:E2:98:59:ED:0B:90:C8"}}},"request":{"raw":"GET /bHBhUQvVe.js HTTP/1.1\r\nHost: cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nCookie: parking_session=4f026521-6556-4e7d-a023-322b008bce14\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 27 Jan 2026 16:06:48 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 44626\r\nX-Request-Id: 2a416056-dff0-458e-b807-c6c461d30758\r\nSet-Cookie: parking_session=4f026521-6556-4e7d-a023-322b008bce14; expires=Tue, 27 Jan 2026 16:21:48 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44626,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44622)","md5":"d6292838cdc9e2f07cf9ebcb6c5572ed","sha1":"cddac2c57fb63838cc59f3c5888df4487c983dc5","sha256":"9f0c2b4ac0f8a6ff3a79ffbfc06582977987d0865777e644431a83613a563525","sha512":"9e505566c45136445f2fd4794974368481c941b366a08d29e86fe239bd2afb56f64812ee7d1d2b791fe35dc9408d16c151857ee93fc63a269594710023b00f14","ssdeep":"768:TP2y1aNVc67n85NdxBB5gPAJOJ3GIqNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6o:mLalnEE0xNEGR+4l","tlshash":"d3134c667ab3d07046e2c9dae9b75215f238315a3006c06cf96cc8cb374e947d63a779","first_seen":"2026-01-14T16:56:54.59831Z","last_seen":"2026-02-01T02:48:24.724438Z","times_seen":3706,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"park-3rd.dynadot.com/bodis_banner.html","fqdn":"park-3rd.dynadot.com","domain":"dynadot.com","tld":"com"},"ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"park-3rd.dynadot.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 15 Jan 2026 23:54:37 GMT","end":"Wed, 15 Apr 2026 23:54:36 GMT"},"fingerprint":{"sha1":"E2:F0:D0:08:38:ED:59:AC:7E:0A:82:00:FF:D1:55:4A:61:D3:3E:67","sha256":"5C:7B:8D:4F:99:20:EA:DD:92:6B:3E:45:30:DB:BC:B1:1C:A3:8D:37:98:56:D2:64:A4:D7:F0:ED:2F:2E:23:3A"}}},"request":{"raw":"GET /bodis_banner.html HTTP/1.1\r\nHost: park-3rd.dynadot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 27 Jan 2026 16:06:48 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 583\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nCache-Control: max-age=86400\r\nExpires: Wed, 28 Jan 2026 16:06:48 GMT\r\nContent-Security-Policy: frame-ancestors *\r\nAccess-Control-Allow-Origin: *\r\nX-Frame-Options: SAMEORIGIN, ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1006,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (409)","md5":"ccc9ff22846f80dcbc78e19fb6d3dc14","sha1":"77aced6ad228ce1a7e145168f334ddf39f8d81ee","sha256":"88cc90e8d8a1fed708afeae6dbd796cd9b752df10e8e5908f394d5ae0d49e2e6","sha512":"126dfe6c25983e8aae68e30f1d5daec125282a5ab13ab69b2733e77686f454694bfba73a79ce1a4a1778e68202af6b85132f9eac14d8ab3f94c69027c3fe71b1","ssdeep":"","tlshash":"d211ed0ec920a27aa00fdad8b6f1628d2103f65ac74acdd46fa15131c5dd24c44336ed","first_seen":"2024-03-26T20:31:06Z","last_seen":"2026-01-31T11:23:37.040094Z","times_seen":1964,"resource_available":false,"data":null}},"time_used":838,"timings":{"blocked":319,"dns":1,"connect":153,"send":0,"wait":197,"receive":0,"ssl":165},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?sjk=ky%2BPixnIRvq%2Bnr63GCXRTw%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol116%2Cpid-bodis-gcontrol464%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497123494338338\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107\u0026format=r3\u0026nocache=3151769530008680\u0026num=0\u0026output=afd_ads\u0026domain_name=cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1769530008681\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=858536381\u0026rurl=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:54:22 GMT","end":"Mon, 23 Mar 2026 19:54:21 GMT"},"fingerprint":{"sha1":"9D:BB:26:CF:7B:0E:A1:95:A7:F4:DC:7B:2B:D7:90:ED:05:55:09:37","sha256":"2D:F0:B6:0B:EF:E5:95:E9:3E:0F:4C:FD:BA:F7:72:EA:0C:8A:6E:61:53:27:0B:20:18:A7:36:7D:E1:A8:06:C6"}}},"request":{"raw":"GET /afs/ads?sjk=ky%2BPixnIRvq%2Bnr63GCXRTw%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol116%2Cpid-bodis-gcontrol464%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497123494338338\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107\u0026format=r3\u0026nocache=3151769530008680\u0026num=0\u0026output=afd_ads\u0026domain_name=cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1769530008681\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=858536381\u0026rurl=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Tue, 27 Jan 2026 16:06:48 GMT\r\nexpires: Tue, 27 Jan 2026 16:06:48 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-0k-yBMGfpZrgrrCpSuonZw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 2871\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":13949,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (13475)","md5":"d26b7291e3a1128ac8b5dce36967753b","sha1":"a58c1932037164c77b64294e81fb7c20398d418f","sha256":"ad6354e57287cd1fda587d9ce28ff9ffc86adc7c4bc1b3ad6bc927d51ce8678f","sha512":"e14761fc81e7c0b5b8f40b011c2164ceec99d4022ee8163537b5df2bbbc82f742343b0d290d4798be4fe32aa38a1d459d919379e65946a526d715e96c9332484","ssdeep":"96:GE/yk2iIlb5lphMzwronbo4tm0yXqM6vH5NYrWCoOiHMwDXw96DEMwDFw96DJrUb:GE12iMpgbogm0yXqMcH5WrsOioaLZk+","tlshash":"f05254376062272d5507dc541b2a6f6dd181d43bc4ab36e848e35b25c7ebf828bf228d","first_seen":"2026-01-27T16:07:13.70116Z","last_seen":"2026-01-27T16:07:13.70116Z","times_seen":1,"resource_available":false,"data":null}},"time_used":782,"timings":{"blocked":141,"dns":0,"connect":20,"send":0,"wait":500,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"park-3rd.dynadot.com/switzer/fonts/Switzer-Regular.woff2","fqdn":"park-3rd.dynadot.com","domain":"dynadot.com","tld":"com"},"ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://park-3rd.dynadot.com/bodis_banner.html","date":"2026-01-27T16:06:49.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"park-3rd.dynadot.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 15 Jan 2026 23:54:37 GMT","end":"Wed, 15 Apr 2026 23:54:36 GMT"},"fingerprint":{"sha1":"E2:F0:D0:08:38:ED:59:AC:7E:0A:82:00:FF:D1:55:4A:61:D3:3E:67","sha256":"5C:7B:8D:4F:99:20:EA:DD:92:6B:3E:45:30:DB:BC:B1:1C:A3:8D:37:98:56:D2:64:A4:D7:F0:ED:2F:2E:23:3A"}}},"request":{"raw":"GET /switzer/fonts/Switzer-Regular.woff2 HTTP/1.1\r\nHost: park-3rd.dynadot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://park-3rd.dynadot.com/switzer/css/switzer.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 27 Jan 2026 16:06:49 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 16728\r\nConnection: keep-alive\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: max-age=1209600\r\nExpires: Tue, 10 Feb 2026 16:06:49 GMT\r\nETag: 1761240483420\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16728,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 16728, version 1.0","md5":"e23161fd661d68acd57b789a9480e91c","sha1":"4ee6034ab8db8f6ae87f82ba2919574005dc91d2","sha256":"ddd9595560c35725e00d01667ce9bee519d245620e610844f0dd149df10b5d5f","sha512":"cfaa87e0974980fcb0e353db0a68deb3907846a6966e46fa21b2b637edd29071baf13825bb9ca2f10f457cd94baf3684d68b4c41af3a8353b14d21ea538f4e65","ssdeep":"384:6pTkKBpsb+Kkz953yu1mrwtzaYIAH6coLs9gLGwNnCPIRKRaaj9FG1ZU:6pTkKJ3yALtza/upE3nCgKaaJFG1ZU","tlshash":"1972b0295b80530fd91df5a270a4dfff61ae1ee4593ef8c23590b0b1284597a04b2db8","first_seen":"2023-06-01T13:52:06Z","last_seen":"2026-06-08T22:31:32.636469Z","times_seen":4283,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":310,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=ky%2BPixnIRvq%2Bnr63GCXRTw%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol116%2Cpid-bodis-gcontrol464%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497123494338338\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107\u0026format=r3\u0026nocache=3151769530008680\u0026num=0\u0026output=afd_ads\u0026domain_name=cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1769530008681\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=858536381\u0026rurl=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F","date":"2026-01-27T16:06:49.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:19 GMT","end":"Mon, 23 Mar 2026 19:52:18 GMT"},"fingerprint":{"sha1":"D7:C1:50:3A:11:E3:C8:E7:F2:5B:60:F3:9C:59:72:5D:F4:96:F9:59","sha256":"BE:6E:88:B4:65:AE:9C:C6:5D:EB:49:CD:32:9F:F9:53:53:20:88:32:AB:4E:FF:B6:AF:38:5B:A3:8A:FC:B7:76"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 26 Jan 2026 21:33:27 GMT\r\nexpires: Tue, 27 Jan 2026 20:33:27 GMT\r\ncache-control: public, max-age=82800\r\nage: 66802\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11b3089d616633ca6b73b57aa877eeb4","sha1":"07632f63e06b30d9b63c97177d3a8122629bda9b","sha256":"809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1","sha512":"079b0e35b479dfdbe64a987661000f4a034b10688e26f2a5fe6aaa807e81ccc5593d40609b731ab3340e687d83dd08de4b8b1e01cdac9d4523a9f6bb3acfcba0","ssdeep":"","tlshash":"d9d02291c2182d28441e82e0c37c312600fab0a2634c00dcfa80e300b20c9abb861669","first_seen":"2023-04-06T23:53:06Z","last_seen":"2026-06-08T02:25:10.760968Z","times_seen":412190,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":77,"dns":1,"connect":7,"send":0,"wait":9,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=g8lax43rz0hs\u0026cd_fexp=72717107\u0026aqid=mOJ4aaHAN8aUiM0Pl--nsAE\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=313\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=858536381\u0026csala=5%7C0%7C741%7C84%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:51.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:54:22 GMT","end":"Mon, 23 Mar 2026 19:54:21 GMT"},"fingerprint":{"sha1":"9D:BB:26:CF:7B:0E:A1:95:A7:F4:DC:7B:2B:D7:90:ED:05:55:09:37","sha256":"2D:F0:B6:0B:EF:E5:95:E9:3E:0F:4C:FD:BA:F7:72:EA:0C:8A:6E:61:53:27:0B:20:18:A7:36:7D:E1:A8:06:C6"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=g8lax43rz0hs\u0026cd_fexp=72717107\u0026aqid=mOJ4aaHAN8aUiM0Pl--nsAE\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=313\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=858536381\u0026csala=5%7C0%7C741%7C84%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-AMnR66FTlAD5dG66fl06xw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Tue, 27 Jan 2026 16:06:51 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:53:15 GMT","end":"Mon, 23 Mar 2026 19:53:14 GMT"},"fingerprint":{"sha1":"9C:37:F9:BF:35:57:46:D5:34:37:23:71:DE:BD:66:5E:77:DA:8A:62","sha256":"37:EA:A6:C5:A2:9F:7B:7E:6E:78:CF:38:EA:C5:EA:56:BD:FF:08:67:85:50:6B:BC:AC:6E:E6:19:76:0A:6A:97"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026bodis=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Tue, 27 Jan 2026 16:06:48 GMT\r\nexpires: Tue, 27 Jan 2026 16:06:48 GMT\r\ncache-control: private, max-age=3600\r\netag: \"2510613799098442491\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":136140,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"774f004c5f36130d4ee08601eccfe66f","sha1":"f305a52c114b7351ed8baf73f9db646e8b2a9581","sha256":"ce05d5f52d1308d9c3c3112fd6ecb136a3c3882ec7132bb3108ea3aae342fdae","sha512":"618cff31bc4ee7baa591589096cb7b36d072666f66aac2c5301ec2697ab1375fcad44ad7377faec11f2ced7038e2881d2b761b39b7492cd8e49b7b3921546bde","ssdeep":"1536:jdCPHJJqchHyS0khmVfb9KUBl6c1OqYOuoXA2MyQOpXhgyX9USJaGs+0IoNYKS3j:Tbf8U6fqptXAEQSf7oN+3ld3P","tlshash":"a9d34ccdb7a1302243a3a5b5607f414fb13ab869a40c84a4f199d8e87c74dad4237fbd","first_seen":"2026-01-26T16:05:32.888656Z","last_seen":"2026-01-27T18:22:56.897059Z","times_seen":83,"resource_available":true,"data":null}},"time_used":354,"timings":{"blocked":154,"dns":3,"connect":28,"send":0,"wait":42,"receive":0,"ssl":124},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.251.142.225","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:54:19 GMT","end":"Mon, 23 Mar 2026 19:54:18 GMT"},"fingerprint":{"sha1":"DE:97:03:23:1F:2A:0D:35:BC:AD:5B:0D:3A:8D:F7:46:24:F2:13:83","sha256":"92:22:77:78:24:45:44:5C:99:0D:7E:12:0F:61:27:E9:A4:73:0B:17:67:3A:8E:DF:5D:39:AE:9D:D6:EA:29:8E"}}},"request":{"raw":"GET /sodar/sodar2/237/runner.html HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 5044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 27 Jan 2026 16:00:28 GMT\r\nexpires: Tue, 27 Jan 2026 16:50:28 GMT\r\ncache-control: public, max-age=3000\r\nage: 380\r\nlast-modified: Tue, 13 May 2025 23:17:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2024)","md5":"0120a1d624ff8fc3ec792d93a7133947","sha1":"1e3bd23df78ff2c60b187b40a0c6505be9ab889f","sha256":"14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966","sha512":"84286e299ebc6690ee904b5581cd6aaf6b59d06200b61156923301484d1b75fa517894167c4f4777553ba09c840a2d74a723e3ff112448f00514d910dfd172c5","ssdeep":"192:pl/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mx:rz2NQJIVsTiMH3qzfcOIr1mx","tlshash":"4842a7ccbad2b0210353b4f1a13f400ff13ea8aae44c9954b181e8e17cb56a94667f7d","first_seen":"2025-05-19T23:59:48.478548Z","last_seen":"2026-02-26T18:27:55.136579Z","times_seen":169945,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"park-3rd.dynadot.com/switzer/css/switzer.css","fqdn":"park-3rd.dynadot.com","domain":"dynadot.com","tld":"com"},"ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://park-3rd.dynadot.com/bodis_banner.html","date":"2026-01-27T16:06:48.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"park-3rd.dynadot.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 15 Jan 2026 23:54:37 GMT","end":"Wed, 15 Apr 2026 23:54:36 GMT"},"fingerprint":{"sha1":"E2:F0:D0:08:38:ED:59:AC:7E:0A:82:00:FF:D1:55:4A:61:D3:3E:67","sha256":"5C:7B:8D:4F:99:20:EA:DD:92:6B:3E:45:30:DB:BC:B1:1C:A3:8D:37:98:56:D2:64:A4:D7:F0:ED:2F:2E:23:3A"}}},"request":{"raw":"GET /switzer/css/switzer.css HTTP/1.1\r\nHost: park-3rd.dynadot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://park-3rd.dynadot.com/bodis_banner.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 27 Jan 2026 16:06:49 GMT\r\nContent-Type: text/css\r\nContent-Length: 819\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: max-age=1209600\r\nExpires: Tue, 10 Feb 2026 16:06:49 GMT\r\nETag: 1761240483386\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7650,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"168d1566dc57c30aa03a6aa4b90634ab","sha1":"24d1224b37d571dcabee52645ecdbb81cbc55955","sha256":"c1bac1b5447b443ccb97c6453329ac8997d8fbef799fa48d357e3dafeb35d2dd","sha512":"b424f88aac7e6311c035de3d9d8b56ab460e52666d52be95b958d2847a55666a86bf89c8c71094e7da32991ba32b6ca47e8b8f4716ce07e430a6898347709e1d","ssdeep":"192:TaYMGupu/1xcyf1kj1V61aH1i11Tsnon1hG1eBI:TaYMGSSX1f6K8OOwOMI","tlshash":"2ef1b0c9588a31c1a9221d4d33fb6e25bd7d24532016bd273b6d28949ffaa684350f3f","first_seen":"2023-06-01T13:52:06Z","last_seen":"2026-06-08T22:31:32.640663Z","times_seen":3649,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"park-3rd.dynadot.com/hp_script.js","fqdn":"park-3rd.dynadot.com","domain":"dynadot.com","tld":"com"},"ip":{"addr":"166.88.19.68","port":443,"asn":18779,"as":"EGIHOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://park-3rd.dynadot.com/bodis_banner.html","date":"2026-01-27T16:06:48.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"park-3rd.dynadot.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 15 Jan 2026 23:54:37 GMT","end":"Wed, 15 Apr 2026 23:54:36 GMT"},"fingerprint":{"sha1":"E2:F0:D0:08:38:ED:59:AC:7E:0A:82:00:FF:D1:55:4A:61:D3:3E:67","sha256":"5C:7B:8D:4F:99:20:EA:DD:92:6B:3E:45:30:DB:BC:B1:1C:A3:8D:37:98:56:D2:64:A4:D7:F0:ED:2F:2E:23:3A"}}},"request":{"raw":"GET /hp_script.js HTTP/1.1\r\nHost: park-3rd.dynadot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://park-3rd.dynadot.com/bodis_banner.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 27 Jan 2026 16:06:49 GMT\r\nContent-Type: application/x-javascript\r\nContent-Length: 1689\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: max-age=1209600\r\nExpires: Tue, 10 Feb 2026 16:06:49 GMT\r\nETag: 1769530009372\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4289,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (4289), with no line terminators","md5":"e3a38f9f90665f041fc2f74a7783d11f","sha1":"36a00e17f15f30e9bb864d42acf2614f0a6085af","sha256":"76b055d98452d34162573203254cbdaa9938774e55fae84d7e8a41b912522687","sha512":"fb6f924de583713b6c28699d7fbbf74afb85a748589de184ae0ee81daee90f9ee65289afa23e21cd8d0d27969b5a0ce4cfc6ca5afcf6d1add372b4f8e9c8b81e","ssdeep":"48:EVs9CntfQvSwXwRA7wTfwErWX0wR4tT0iWjv0CrrtreAf1JbgrzrH02cwTxWwEWh:tWadgRA7C3rMpZtgPrUGvERRjPMv3","tlshash":"fa9152be3246b7b35ea714d9f8abcc566870a7f2f10a8c70d090e492757cce91672d48","first_seen":"2023-03-07T01:03:14Z","last_seen":"2026-06-08T22:31:32.645657Z","times_seen":3545,"resource_available":true,"data":null}},"time_used":780,"timings":{"blocked":309,"dns":1,"connect":152,"send":0,"wait":158,"receive":0,"ssl":158},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?sjk=ky%2BPixnIRvq%2Bnr63GCXRTw%3D%3D\u0026adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol116%2Cpid-bodis-gcontrol464%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis31_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497123494338338\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107\u0026format=r3\u0026nocache=3151769530008680\u0026num=0\u0026output=afd_ads\u0026domain_name=cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1769530008681\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=858536381\u0026rurl=https%3A%2F%2Fcea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com%2F","date":"2026-01-27T16:06:49.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:54:22 GMT","end":"Mon, 23 Mar 2026 19:54:21 GMT"},"fingerprint":{"sha1":"9D:BB:26:CF:7B:0E:A1:95:A7:F4:DC:7B:2B:D7:90:ED:05:55:09:37","sha256":"2D:F0:B6:0B:EF:E5:95:E9:3E:0F:4C:FD:BA:F7:72:EA:0C:8A:6E:61:53:27:0B:20:18:A7:36:7D:E1:A8:06:C6"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Tue, 27 Jan 2026 16:06:49 GMT\r\nexpires: Tue, 27 Jan 2026 16:06:49 GMT\r\ncache-control: private, max-age=3600\r\netag: \"7797818988727318715\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":136147,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"82e5899d16442abb06e8b7117671685c","sha1":"78484c1aa7c7d9280a34dec759f0040e099fca64","sha256":"9e57082261fb1e75fa243ecee0b6ca16d1c204d5d04aab9e94e70314cef36ab4","sha512":"5e94b39e0b18585ed67c718ea0b8f5683691c6b149217e9f98c254b59fb5fb7155d9ab513f6aba1e896731faa508de7e19acf68f06f8b0b40a97f5535ab9c69e","ssdeep":"1536:zdCPHJJqchHyS0khmVfb9KUBl6c1OqYOuoXA2MyQOpXhgyX9USJaGs+0IoNYKS3j:Dbf8U6fqptXAEQSf7oN+3ld3P","tlshash":"68d34ccdb7a1302243a3a5b5607f414fb13ab869a40c84a4f199d8e87c74dad4237fbd","first_seen":"2026-01-26T17:52:48.62128Z","last_seen":"2026-01-27T18:22:31.962792Z","times_seen":47,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=15mtd5l1xupl\u0026cd_fexp=72717107\u0026aqid=mOJ4aaHAN8aUiM0Pl--nsAE\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=313\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=858536381\u0026csala=5%7C0%7C741%7C84%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:51.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:54:22 GMT","end":"Mon, 23 Mar 2026 19:54:21 GMT"},"fingerprint":{"sha1":"9D:BB:26:CF:7B:0E:A1:95:A7:F4:DC:7B:2B:D7:90:ED:05:55:09:37","sha256":"2D:F0:B6:0B:EF:E5:95:E9:3E:0F:4C:FD:BA:F7:72:EA:0C:8A:6E:61:53:27:0B:20:18:A7:36:7D:E1:A8:06:C6"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis31_3ph\u0026output=uds_ads_only\u0026zx=15mtd5l1xupl\u0026cd_fexp=72717107\u0026aqid=mOJ4aaHAN8aUiM0Pl--nsAE\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=313\u0026adbh=373\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis31_3ph\u0026errv=858536381\u0026csala=5%7C0%7C741%7C84%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-VMUUMdS9akRMS6D9994ixg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Tue, 27 Jan 2026 16:06:51 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/_fd","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 12:44:35 GMT","end":"Mon, 27 Apr 2026 12:44:34 GMT"},"fingerprint":{"sha1":"C3:6F:E9:AD:6C:66:94:6D:AC:89:B4:0D:2F:67:CC:29:EA:86:CD:A2","sha256":"B7:90:A2:E2:4C:55:84:98:6F:40:37:93:B7:1F:C2:7A:94:05:F9:CC:A3:F3:CC:2A:DC:E2:98:59:ED:0B:90:C8"}}},"request":{"raw":"POST /_fd HTTP/1.1\r\nHost: cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nContent-Type: application/json\r\nOrigin: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=4f026521-6556-4e7d-a023-322b008bce14\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 27 Jan 2026 16:06:48 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 5681\r\nX-Request-Id: 9a40854b-10ca-4897-b862-4d2fa59b22d1\r\nSet-Cookie: parking_session=4f026521-6556-4e7d-a023-322b008bce14; expires=Tue, 27 Jan 2026 16:21:48 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5681,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (5681), with no line terminators","md5":"d58483691c098cbc20beb844ae7ed729","sha1":"5d0bce6acab5a22d228aa766633896a96f773b37","sha256":"75ae59e814515b616a9c5b9a2967cdca36f247a7455d02585a6f4b9dc3d48796","sha512":"e558366d7d2d160a813e8a96126443455e151bb2c8931113c51316f7395bfe29dac45a5bdb6a6d4b4817049ad411b9859f749689b10c9523079c06cfe39af9ac","ssdeep":"96:N9SSvSSS2pYgIIYhzX9WERyXyRCP4yb3fQNRcMRn:CtOY5rzX9WgCADM+n","tlshash":"fdc1a5ebcb19389ac75a840376ce17da634e837f3369625c515fca448619a0f79e022b","first_seen":"2026-01-27T16:07:13.71019Z","last_seen":"2026-01-27T16:07:13.71019Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/_tr","fqdn":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","domain":"exodus-request.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:49.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 27 Jan 2026 12:44:35 GMT","end":"Mon, 27 Apr 2026 12:44:34 GMT"},"fingerprint":{"sha1":"C3:6F:E9:AD:6C:66:94:6D:AC:89:B4:0D:2F:67:CC:29:EA:86:CD:A2","sha256":"B7:90:A2:E2:4C:55:84:98:6F:40:37:93:B7:1F:C2:7A:94:05:F9:CC:A3:F3:CC:2A:DC:E2:98:59:ED:0B:90:C8"}}},"request":{"raw":"POST /_tr HTTP/1.1\r\nHost: cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nContent-Type: application/json\r\nContent-Length: 1993\r\nOrigin: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=4f026521-6556-4e7d-a023-322b008bce14\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1993,"data":"{\"signature\":\"UxFdVMwNFNwN0wzODEybVeyJhZF9sb2FkZWRfY2FsbGJhY2siOnsiY29udGFpbmVyTmFtZSI6InJzIiwiYWRzTG9hZGVkIjp0cnVlLCJjYWxsYmFja09wdGlvbnMiOnsiY2FmUmVxdWVzdEFjY2VwdGVkIjp0cnVlLCJjYWZTdGF0dXMiOnsiY2xpZW50IjoicGFydG5lci1kcC1ib2RpczMxXzNwaCIsImFkdWx0IjpmYWxzZX19fSwiYXBwX3ZlcnNpb24iOiIwLjkuNCIsImNhZl9jbGllbnRfaWQiOiJwYXJ0bmVyLWRwLWJvZGlzMzFfM3BoIiwiY2FmX3RpbWVkX291dCI6ZmFsc2UsImNhZl9sb2FkZWRfbXMiOjg5MywiY2hhbm5lbCI6InBpZC1ib2Rpcy1nY29udHJvbDQ3LHBpZC1ib2Rpcy1nY29udHJvbDExNixwaWQtYm9kaXMtZ2NvbnRyb2w0NjQscGlkLWJvZGlzLWdjb250cm9sMTUxLHBpZC1ib2Rpcy1nY29udHJvbDE2MiIsImRlc2t0b3AiOnRydWUsInRlcm1zIjoiIiwiZmRfc2VydmVyX2RhdGV0aW1lIjoxNzY5NTMwMDA4LCJmZF9zZXJ2ZXIiOiJpcC0xMC0yMDEtNDAtNTIuZXUtd2VzdC0xLmNvbXB1dGUuaW50ZXJuYWwiLCJmbGV4X3J1bGUiOnsiYWN0aW9uIjoiIiwiY3VzdG9tX3JlYXNvbiI6IiIsImZsZXhfaWQiOjAsIm1pc21hdGNoIjpmYWxzZX0sImhvc3QiOiJjZWEzNGJiMC0yNWIxLTQzYTItOGM3NS1jZjQyNTM5Mzg5NGYuZXhvZHVzLXJlcXVlc3QuY29tIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJpdnQiOmZhbHNlLCJtb2JpbGUiOmZhbHNlLCJwYWdlX2hlYWRlcnMiOnt9LCJwYWdlX2xvYWRlZF9jYWxsYmFjayI6eyJyZXF1ZXN0QWNjZXB0ZWQiOnRydWUsInN0YXR1cyI6eyJjbGllbnQiOiJwYXJ0bmVyLWRwLWJvZGlzMzFfM3BoIiwiYWR1bHQiOmZhbHNlfX0sInBhZ2VfbWV0aG9kIjoiR0VUIiwicGFnZV9yZXF1ZXN0Ijp7fSwicGFnZV90aW1lIjoxNzY5NTMwMDA3LCJwYWdlX3VybCI6Imh0dHBzOi8vY2VhMzRiYjAtMjViMS00M2EyLThjNzUtY2Y0MjUzOTM4OTRmLmV4b2R1cy1yZXF1ZXN0LmNvbS8iLCJ0YWJsZXQiOmZhbHNlLCJ0ZW1wbGF0ZV9pZCI6MzQ1LCJ0eXBlIjoidmlzaXQiLCJ1c2VyX2hhc19hZF9ibG9ja2VyIjpudWxsLCJ1c2VyX2lkIjo2MTIxMiwidXVpZCI6IjRmMDI2NTIxLTY1NTYtNGU3ZC1hMDIzLTMyMmIwMDhiY2UxNCIsInplcm9jbGljayI6e30sInBvcHVwIjpmYWxzZSwidGltZXpvbmVfb2Zmc2V0IjowLCJ1c2VyX3ByZWZlcmVuY2UiOnsibG9jYWxlIjoiZW4tVVMiLCJjYWxlbmRhciI6ImdyZWdvcnkiLCJudW1iZXJpbmdTeXN0ZW0iOiJsYXRuIiwidGltZVpvbmUiOiJVVEMiLCJ5ZWFyIjoibnVtZXJpYyIsIm1vbnRoIjoibnVtZXJpYyIsImRheSI6Im51bWVyaWMifSwidXNlcl91c2luZ19kYXJrbW9kZSI6ZmFsc2UsInVzZXJfc3VwcG9ydHNfZGFya21vZGUiOnRydWUsIndpbmRvd19yZXNvbHV0aW9uIjp7IndpZHRoIjoxMjgwLCJoZWlnaHQiOjEwMjR9LCJzY3JlZW5fcmVzb2x1dGlvbiI6eyJ3aWR0aCI6MTI4MCwiaGVpZ2h0IjoxMDI0fSwiZnJhbWUiOm51bGx9\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 27 Jan 2026 16:06:49 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 2\r\nX-Request-Id: f5353a16-8cc0-4008-927c-9d6e11ad73b2\r\nSet-Cookie: parking_session=4f026521-6556-4e7d-a023-322b008bce14; expires=Tue, 27 Jan 2026 16:21:49 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-08T22:05:16.580961Z","times_seen":423625,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=ky+PixnIRvq+nr63GCXRTw==\u0026sde=1","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/","date":"2026-01-27T16:06:48.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:54:19 GMT","end":"Mon, 23 Mar 2026 19:54:18 GMT"},"fingerprint":{"sha1":"DE:97:03:23:1F:2A:0D:35:BC:AD:5B:0D:3A:8D:F7:46:24:F2:13:83","sha256":"92:22:77:78:24:45:44:5C:99:0D:7E:12:0F:61:27:E9:A4:73:0B:17:67:3A:8E:DF:5D:39:AE:9D:D6:EA:29:8E"}}},"request":{"raw":"GET /getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=ky+PixnIRvq+nr63GCXRTw==\u0026sde=1 HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cea34bb0-25b1-43a2-8c75-cf425393894f.exodus-request.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\ndate: Tue, 27 Jan 2026 16:06:48 GMT\r\nserver: cafe\r\ncontent-length: 8062\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10670,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"4d64cf2faaa42766825d887e1b125d22","sha1":"e3be214a419203bcc2fea7d5f1393329a5aa956e","sha256":"75b699e117f286cef67297605b8e546cec0503b34e59d3f5281b1ae7f3b34e95","sha512":"1b975bfb81342269b88ab99b2aeba93a94bd74b8543b61d97d5d0d51dc66c0b6d1945ddf7b495ddffee915f67407d97b5bfdd70f79e802df77bf80c06338c8df","ssdeep":"192:M8Tq8i6S/pYio13PC2bd7QjrBy0RpYNvWDTg4ssJoE:M8Tq8ebafP57QQ2+NsM4HoE","tlshash":"8e22d0832890bccfaf3b62aec01d92405ee38c063ddaceda52454975dad2d1001f89b4","first_seen":"2026-01-27T16:07:13.711924Z","last_seen":"2026-01-27T16:07:13.711924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":79,"dns":1,"connect":8,"send":0,"wait":32,"receive":1,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}