{"report_id":"a6c8467c-d9e1-4cb9-baa2-65925714b633","version":6,"status":"done","tags":[],"date":"2024-10-09T02:54:55Z","url":{"schema":"http","addr":"ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":0,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"title":"vofycot.com - Dette nettstedet er til salgs! - vofycot Ressurser og informasjon"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-20T08:43:27Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"img.sedoparking.com","ip":{"addr":"205.234.175.175","port":443,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"domain_registered":"2001-09-18","domain_rank":54200,"first_seen":"2013-04-23 00:23:29","last_seen":"2024-10-08 17:34:21","alert_count":0,"request_count":2,"received_data":28800,"sent_data":898,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ww16.vofycot.com","ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2011-09-20","domain_rank":0,"first_seen":"2023-11-01 22:38:13","last_seen":"2024-10-07 19:44:38","alert_count":2,"request_count":2,"received_data":25871,"sent_data":1383,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":0,"first_seen":"2023-09-25 11:30:59","last_seen":"2024-10-08 11:03:17","alert_count":0,"request_count":7,"received_data":162162,"sent_data":5189,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.129","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":12123,"first_seen":"2013-05-06 21:11:00","last_seen":"2024-10-07 19:37:56","alert_count":0,"request_count":2,"received_data":2089,"sent_data":977,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-10-07 19:37:45","alert_count":0,"request_count":5,"received_data":4435,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2024-09-30 04:32:43","alert_count":0,"request_count":1,"received_data":153958,"sent_data":458,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-10-07 19:37:44","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-10-07 19:37:47","alert_count":0,"request_count":8,"received_data":5594,"sent_data":2600,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-08","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-08","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a511f4e222479ed1f29f504a71a61051","sha1":"d8851487947b0ecd98100c35d7ac6da3c7da483c","sha256":"0be104189e6a7c9efff0b10a965b97e3cf41f646c9e7fe38accb2d5a56a1190d","sha512":"f32db22511e3babf691dc1b170fdd66e641350dcb200f793d96be18dde6537711d4538ae60e20b81d3a009006806c08fea1bf3db6dab8d26c65bca847ec750c0","ssdeep":"96:rPtNUiEXxdLvY/6mal8/6mlGciw60plNGciw609naVKwg4Jl0UOs:rPYikLvKBlDiw60BDiw600Kwg4Jl1X","tlshash":"4f812c145e802afe959010c860517d20767ef23364d2a1bfd98af88d03cbaca7031eef","size":4102,"data":"","first_seen":"2024-10-11T08:43:29.541089Z","last_seen":"2024-10-11T08:43:29.541089Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1217ad48dffc6a9f925b6fd708780429","sha1":"41cd7b64f11c25505b79bcd615f9947a9ec713d7","sha256":"249ce52b32ab30357a9b061f78b007c3a913ac7ff524d4341372a32770dde660","sha512":"fa22cb8fd9efcd9548eecca0f8098d8302df320dee31baebb815d30b01285bd6af743e61d331643cfa3feba78aaa59be16403afcf1d3aec05ca6849544c225a7","ssdeep":"1536:2SG6arvU/wAQWPyXpKHhitCnAyYHLaUbxijIHWvxDZz7/wurgsjWbcbWgQWZpVqk:zH1YrCIHWpDB74u7RzqNYPCfaQBZwK0j","tlshash":"28e36cdd77a5702253a394b4607f118fb23af895e80889b4b098c8e47c78d991277fbd","size":153115,"data":"","first_seen":"2024-10-02T15:28:46Z","last_seen":"2024-10-11T09:19:45.451364Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ddc86a1d8ae00753cc792ab72a58071","sha1":"b405fd8562e0d0582f25f4b7ac6d180d72e0e935","sha256":"4a5f92285fc4b884f74fbf249d3c256136ae5f4c387ba90230f0f357322a6d8d","sha512":"337f042898bb652dbf059bac436e37573e42862bee51cfb738b377bca7f38fa69cfd2b77116b2cf8e4835b42d4ee9d9c609073f9d5a75d49b42dcf50f35d2bda","ssdeep":"","tlshash":"86f00cb13a71034ac632eb1be1d70195be6cc017c041f86270be90200bdc9364aa0ba6","size":622,"data":"","first_seen":"2023-03-07T01:10:36Z","last_seen":"2026-03-17T22:00:07.128949Z","times_seen":34501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"978e89b89f929ebbd0a746295eafbcbe","sha1":"6b92ab60432c1e5a8aebc60ebc94f1f24c28cea6","sha256":"848eaac812a5c6ef9f75fc33f2bfbb7169bfea60bc4d4a28a7e77d1737ca42ac","sha512":"c7b6c342a6cc4121c889e38dc07ec85f7b3b1ff7811c0babb5f5abaf39a984424751eb1a7ff400e9bd45f0d49e96be85ff30023dfe9de0b3c0463e1d136e42d1","ssdeep":"96:zQIHrUsXy9Cp1OuKfIqT1M6BXXjgXnB9qPsBJaqJ4uSnx73CUnKVGSrbH:jrUs2nDxQqPJTuIRIESrbH","tlshash":"26c194723145347a4aff0751206f1f14b67ae8533a08b419b028b7e82bebd5744dbb6a","size":5888,"data":"","first_seen":"2024-05-23T11:11:38Z","last_seen":"2026-03-23T00:52:59.161451Z","times_seen":188504,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads/i/iframe.html","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"33839cb72649c81ab58b763c95b4a163","sha1":"0c9b62881e660fded013cee58439ae287690065a","sha256":"cdded269406c9b2b49a3066d12e75913abf338cdd7fa00e31fff299efef1cb76","sha512":"c72011d6bc068615b6a9e4f659c5aeb6c04a889bd4163e4a351d7659c48e715a94002e35637c3e1cb6a9b269271fb43d6b77495000ab1143ee401e2bb68b7357","ssdeep":"","tlshash":"2e218b6e4c50822f6eb63e9e296fba04fb235421e049e1d0c54cf865397df93892d9f4","size":1302,"data":"","first_seen":"2023-04-05T04:36:39Z","last_seen":"2025-03-02T05:25:03.460086Z","times_seen":67768,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=9330244380\u0026channel=%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3Mjg0NDI0NjkmdGNpZD13dzE2LnZvZnljb3QuY29tNjcwNWYwNjVjMmU0MjguNzc4MDc4NDMmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPVIyUjVkZWNPeDc3Mk9DbU5kZlox\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=9771728442470214\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=2\u0026u_his=2\u0026u_tz=0\u0026dt=1728442470223\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=999\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=681010707\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3ca6f7ae5d8761ae73942878db762de2","sha1":"fd3e50be452b84b7c637754f4200e5300f2b3439","sha256":"bbd1eaf3aad7bd59e17c10ebc9f50e15f065128c78263efdf33128c0ae3d126a","sha512":"3a9469fe6691a3064a7a59fb6d248d4c964fe1878f5b7e654c7917500c42ebb81554ab5dc6007773c7f5306a55df53b0c62bdf08c22032e62b34937aab502948","ssdeep":"","tlshash":"9d1123561c580671d963516158563f9178a9017123cb2299e80de49a20bdecf661d2ab","size":866,"data":"","first_seen":"2024-10-11T08:43:29.543399Z","last_seen":"2024-10-11T08:43:29.543399Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c7edc182344882216d6d4d7dc46231f","sha1":"4b981e96e6b665ede4426a89d121d4ae878a76da","sha256":"6570292e68a16b7f4a51f9672e5f1028112066252c27273ede1f061bb104bb5e","sha512":"481a0b356c1b0b3b9bb0a5e096e262cf7797a1d84d83ef38760b7ccb81aae73b31ce1df17a415d9422af52fcdd62191156d3c14f32c28b37db47af35e576a232","ssdeep":"1536:eSG6arvU/wAQWPyXpKHhitCnAyYHLaUbxijIHWvxDZz7/wurgsjWbcbWgQWZpVqk:bH1YrCIHWpDB74u7RzqNYPCfaQBZwK0j","tlshash":"79e36cdd77a5702253a394b4607f118fb23af895e80889b4b098c8e47c78d991277fbd","size":153131,"data":"","first_seen":"2024-10-02T16:05:43Z","last_seen":"2024-10-11T09:19:25.033117Z","times_seen":350,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:28.594045189Z","timestamp":1728442468594,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A4B45C1833F63C69B1847216D9DD0BBFC4F95F33501D88E7DC5555648F019595\"\r\nLast-Modified: Tue, 08 Oct 2024 12:10:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20294\r\nExpires: Wed, 09 Oct 2024 08:32:42 GMT\r\nDate: Wed, 09 Oct 2024 02:54:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"94a2d5e693f71770bd013db51ee0fbbe","sha1":"2f5b5bd658d11088f0599e5f244740d0d8667bea","sha256":"a4b45c1833f63c69b1847216d9dd0bbfc4f95f33501d88e7dc5555648f019595","sha512":"32b8c15712ad549dcea1ffd060533739fc24a5d0851a10fe5cb543964e9646064aaa57d08b011878392ce21417dfbe8876ddfd49ab231a0c27a6ccaae1e8ce0e","ssdeep":"","tlshash":"a2f005970bb17c0d5a3114023c1fc932aa59fefb310007b421c042e275276ed51c5048","first_seen":"2024-10-08T22:31:32Z","last_seen":"2024-10-11T08:46:35.594409Z","times_seen":2943,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:28.619018534Z","timestamp":1728442468619,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"86D583A273489C4B3D93BC10E3FA9718746BA439C1D88533F0177DEC4C7183CE\"\r\nLast-Modified: Tue, 08 Oct 2024 22:04:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4696\r\nExpires: Wed, 09 Oct 2024 04:12:44 GMT\r\nDate: Wed, 09 Oct 2024 02:54:28 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"b5fba3de48fd6c409033029700670f78","sha1":"0e348372969c771ca1d5f0ae6a944eb21c7ede05","sha256":"86d583a273489c4b3d93bc10e3fa9718746ba439c1d88533f0177dec4c7183ce","sha512":"e42ce3cac91c3d76f32dc8bf1d879f58eddb75f7853e47d3dd3a8b488da45c306661c8da1ff42e218ae0a3ae2dfdf055d579e7df6d440f03324c696dad52766d","ssdeep":"","tlshash":"96f05c2705d1f0441bf406417d74eb5e5f34d7be3c456a503ce01bf5b4047dd8158854","first_seen":"2024-10-11T08:43:15.823987Z","last_seen":"2024-10-11T08:43:43.225467Z","times_seen":240,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:29.026863174Z","timestamp":1728442469026,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B6DB380F5EEB73AA56ABF90AFA43B52CC9F51B01F33AD1EEFECCC473A41FFB86\"\r\nLast-Modified: Tue, 08 Oct 2024 11:18:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4640\r\nExpires: Wed, 09 Oct 2024 04:11:49 GMT\r\nDate: Wed, 09 Oct 2024 02:54:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"33985775df7b619cb33f4050d88c5fb9","sha1":"cf0b2ff92cd2f7e12ce788a164a73d75dea5da83","sha256":"b6db380f5eeb73aa56abf90afa43b52cc9f51b01f33ad1eefeccc473a41ffb86","sha512":"6bc0e873177bc8082b9b3d8fdb3e1c3d3b2adf2d27c0053919c540d80bdfffa7a6f41b0ea381ef7e077c08bbd371ab5a9cbae5cea92e4752c766d8ff25ddb8f5","ssdeep":"","tlshash":"81f07551c5b13da01bb01629d9a89003dd10cdfa14c05be451f443e23c02bfc468054c","first_seen":"2024-10-08T16:14:32Z","last_seen":"2024-10-11T08:49:31.751651Z","times_seen":5844,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:29.316457533Z","timestamp":1728442469316,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"AF0C2421D7AF6507EB62DFA55B8DD2C1F969CA02692E89D3BF841CB42430EBE1\"\r\nLast-Modified: Tue, 08 Oct 2024 12:40:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3123\r\nExpires: Wed, 09 Oct 2024 03:46:32 GMT\r\nDate: Wed, 09 Oct 2024 02:54:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ee8a3075e7c2e453a0e7ecb6d0ffb710","sha1":"8207b3beb4c30142e41563a15cc410ecab5f61a8","sha256":"af0c2421d7af6507eb62dfa55b8dd2c1f969ca02692e89d3bf841cb42430ebe1","sha512":"b5680c001311a9376e2f7c022338b8eb243bbb2fb53380a584e688af1166a84e7a5a54232b3a512f486cf484b951cd675701b6806c51738eab014911c2fc68d4","ssdeep":"","tlshash":"a5f00e921aa1bd007eb31e7238bec4411f62f8af34701ba664d01381a84fbf92bc418c","first_seen":"2024-10-09T00:34:34Z","last_seen":"2024-10-11T08:45:45.053245Z","times_seen":1876,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:30.061528543Z","timestamp":1728442470061,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"33d4f5a6cef58799a568093402d12541","sha1":"171fc7e74d9cbc6cc9e1fcb4e55e08ffd6e10ba3","sha256":"f7d3da2b57c0872412a74ef15f84376a15bdb6ec765b3ae9cd81028b768a0979","sha512":"4757ed445c23ed29536a29cd769f7f4447ad1dd21e565cc84a60589b0f9ef35bc35cc557035035510fcbf9b73e38e42d5dd5735f6fcc68ce93c7b6f7f2b32782","ssdeep":"","tlshash":"e9f0dc46baa07e488b51082274d4f868389dae22047d531d247d26d831c86ae2108da9","first_seen":"2024-10-08T18:45:56Z","last_seen":"2024-10-11T08:48:28.620311Z","times_seen":553,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.sedoparking.com/templates/bg/arrows.png","fqdn":"img.sedoparking.com","domain":"sedoparking.com","tld":"com"},"ip":{"addr":"205.234.175.175","port":443,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:29.982Z","timestamp":1728442469982,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cachefly.net","organization":"Cachenetworks, LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 13 Nov 2023 19:46:02 GMT","end":"Sat, 14 Dec 2024 19:46:01 GMT"},"fingerprint":{"sha1":"0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71","sha256":"B4:3D:3A:B6:67:6B:37:A7:E4:37:72:9C:D8:78:19:54:42:D6:E2:12:1F:92:06:04:F9:E5:21:A9:9D:0F:F1:88"}}},"request":{"raw":"GET /templates/bg/arrows.png HTTP/1.1\r\nHost: img.sedoparking.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 09 Oct 2024 02:54:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 12642\r\naccess-control-allow-origin: *\r\ncache-control: max-age=604800\r\nexpires: Wed, 16 Oct 2024 02:54:30 GMT\r\nx-cfhash: \"6dc0bad9aa452ff871b282dabd47131e\"\r\nx-cff: B\r\nlast-modified: Mon, 11 Oct 2021 05:39:44 GMT\r\nx-cf3: H\r\ncf4age: 23090\r\nx-cf-tsc: 1711144663\r\ncf4ttl: 31512910.000\r\nx-cf2: H\r\nserver: CFS 1124\r\nx-cf-reqid: 53c2aa07e912c7c044209266dcdf0ac5\r\nx-cf1: 11696:fD.arn1:cf:nom:cacheN.arn1-01:H\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12642,"size_decoded":12642,"mime_type":"image/png","magic":"PNG image data, 426 x 475, 8-bit/color RGBA, non-interlaced","md5":"6dc0bad9aa452ff871b282dabd47131e","sha1":"01411e6726e033240caa3926141a6adbc18a2d73","sha256":"3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b","sha512":"a8533391f3487677d739f950a4ec26a2ac46b345462aa9e2b087c3cb7b7cd4049b5eeea8c51a1687ba5193a1d5e8f8412a4226169d5e7991f8008666684b3467","ssdeep":"384:kDdVwWUly0UrhcAJcbPGpVyZaCzld7KNu:ydWU0UHyP2VyRMu","tlshash":"f842c0a0575188d7941fa5cb9b7ca93d56e662ea30c42750cfb8ccc9f4f4d09a3a9860","first_seen":"2023-04-07T02:44:40Z","last_seen":"2026-03-17T22:00:07.122203Z","times_seen":37861,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":73,"dns":0,"connect":20,"send":0,"wait":21,"receive":1,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/search/tsc.php?ses=ogc1s8Bih2iAoI0QgFy4qd2xDGR0nZcG85U5_14uHqcu4uJl3I2dcpbT_FhrT9SGl4oW9pR-RCfkdP3HAd5fbXQkSOdgPzQSlr_v08Jc6QYOCC6BRfgn-U60Ih11dZccsxzr23940xhDkocA8drpSJDD1qhXXELaSLrhnFndp71hK9ZF6MKo6V8A_B2rNqJ7T-aW8Bs5BtK3tDvzs36HsegVBGADVh5nE4vHctiLWFxHnkfBSLYoqx-DdZS_8aCkWQkIGUF0ca8cvVKtkMcvBrBLDDA1JD2tRtSv2ZROGzwpt8pwd55YWyCa1hnS0xx-dSOoog6tm0F-VpZ-BtQ0LizhFpKKrCTIqQayW9AnGoFy32QJciX_Ozyp-rxkg\u0026cv=2","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:30.237Z","timestamp":1728442470237,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww16.vofycot.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Thu, 02 Nov 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"77:E9:D4:A2:BA:16:65:DB:42:BE:75:37:14:8C:76:AC:69:F6:79:69","sha256":"35:FC:2C:4E:46:BE:81:6A:DF:9F:FD:53:6B:0C:DA:1C:B9:F1:BF:8B:45:09:D0:DE:8A:54:86:04:AF:F1:84:43"}}},"request":{"raw":"GET /search/tsc.php?ses=ogc1s8Bih2iAoI0QgFy4qd2xDGR0nZcG85U5_14uHqcu4uJl3I2dcpbT_FhrT9SGl4oW9pR-RCfkdP3HAd5fbXQkSOdgPzQSlr_v08Jc6QYOCC6BRfgn-U60Ih11dZccsxzr23940xhDkocA8drpSJDD1qhXXELaSLrhnFndp71hK9ZF6MKo6V8A_B2rNqJ7T-aW8Bs5BtK3tDvzs36HsegVBGADVh5nE4vHctiLWFxHnkfBSLYoqx-DdZS_8aCkWQkIGUF0ca8cvVKtkMcvBrBLDDA1JD2tRtSv2ZROGzwpt8pwd55YWyCa1hnS0xx-dSOoog6tm0F-VpZ-BtQ0LizhFpKKrCTIqQayW9AnGoFy32QJciX_Ozyp-rxkg\u0026cv=2 HTTP/1.1\r\nHost: ww16.vofycot.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 09 Oct 2024 02:54:30 GMT\r\nserver: Parking/1.0\r\nx-cache-miss-from: parking-5879f9b8c8-n4cc7\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T10:11:22.122616Z","times_seen":15434026,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-08","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:30.290106386Z","timestamp":1728442470290,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"b3b74002b5c9ff17dba60c23cf24b3ba","sha1":"e633515685ce58e2af3a4291bc94cc572e270f13","sha256":"e1286b7043408065152a3bdffe36564eafff5bc66d912f8a4a6b0d73c9dea586","sha512":"c5e3266d4ce74654b1f1402ff82fe9347404cf6da6a1932cf8b4587a2395e8edbad3e32e493a49a884240b0a3cbf048ea36894adf53ece46029abcd28a71f77a","ssdeep":"","tlshash":"23f0d441d574fc02ee13547832c87af77442ab74449027143561a5e631c06be774ca60","first_seen":"2024-10-08T18:18:13Z","last_seen":"2024-10-11T08:48:38.216178Z","times_seen":513,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.sedoparking.com/templates/logos/sedo_logo.png","fqdn":"img.sedoparking.com","domain":"sedoparking.com","tld":"com"},"ip":{"addr":"205.234.175.175","port":443,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:30.273Z","timestamp":1728442470273,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cachefly.net","organization":"Cachenetworks, LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 13 Nov 2023 19:46:02 GMT","end":"Sat, 14 Dec 2024 19:46:01 GMT"},"fingerprint":{"sha1":"0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71","sha256":"B4:3D:3A:B6:67:6B:37:A7:E4:37:72:9C:D8:78:19:54:42:D6:E2:12:1F:92:06:04:F9:E5:21:A9:9D:0F:F1:88"}}},"request":{"raw":"GET /templates/logos/sedo_logo.png HTTP/1.1\r\nHost: img.sedoparking.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 09 Oct 2024 02:54:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 15086\r\naccess-control-allow-origin: *\r\ncache-control: max-age=604800\r\nexpires: Wed, 16 Oct 2024 02:54:30 GMT\r\nx-cfhash: \"def00c11b1596db4efee6a9fbe64fc27\"\r\nx-cff: B\r\nlast-modified: Mon, 11 Jan 2021 07:44:34 GMT\r\nx-cf3: H\r\ncf4age: 21299\r\nx-cf-tsc: 1711144658\r\ncf4ttl: 31514700.000\r\nx-cf2: H\r\nserver: CFS 1124\r\nx-cf-reqid: 09ae85982973ca79e748eb0fa8b5bba6\r\nx-cf1: 11696:fD.arn1:cf:nom:cacheN.arn1-01:H\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15086,"size_decoded":15086,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"def00c11b1596db4efee6a9fbe64fc27","sha1":"bd298981e6d8d7e4ffa18abcf687041f4246672d","sha256":"95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4","sha512":"c056e95dbfa1aab3a50dff18c6d577dbffea72c93316ffc53b6b7aa41dcc7707a810d563894589a7305de0b76610f88150b2034670de368773b2b356f14ad30f","ssdeep":"192:jiHSINqv0tJ30DezSfPAXTZwC3D2N2xp1Fd/ar/+zi3LHZNwkQH0iWpXDt3TN8rB:jzAnP9j","tlshash":"31623e0bfd4bc358ce50b23ae67c4bfb6361d8c1b090a7e257d9d51aafa7b014c9a011","first_seen":"2023-04-14T07:11:21Z","last_seen":"2026-05-19T10:04:17.170674Z","times_seen":231288,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:30.33166856Z","timestamp":1728442470331,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"4ff7208fb83a9edda9cd21a0b0f43105","sha1":"1a237e612a2ee98ce04708bc03664381d6dccfcc","sha256":"3f5188545a1f2ac0d20b4d455098d7ce36ecec2de350a183b77b6f2512e08a6b","sha512":"a1e412d4bd05aa6624bed021b2fff4deeab54d1a2c0f991fc60117eb9036776247c2c8f85ddb9bbb9f0081ec86b0e9c21d885054d8db05833226fe171de79521","ssdeep":"","tlshash":"acf0d4182db97ce50d36140430bde8f9a491999640581558273de35050197f9e15677c","first_seen":"2024-10-08T18:44:57Z","last_seen":"2024-10-11T08:48:25.173049Z","times_seen":274,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:30.360102442Z","timestamp":1728442470360,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"4ff7208fb83a9edda9cd21a0b0f43105","sha1":"1a237e612a2ee98ce04708bc03664381d6dccfcc","sha256":"3f5188545a1f2ac0d20b4d455098d7ce36ecec2de350a183b77b6f2512e08a6b","sha512":"a1e412d4bd05aa6624bed021b2fff4deeab54d1a2c0f991fc60117eb9036776247c2c8f85ddb9bbb9f0081ec86b0e9c21d885054d8db05833226fe171de79521","ssdeep":"","tlshash":"acf0d4182db97ce50d36140430bde8f9a491999640581558273de35050197f9e15677c","first_seen":"2024-10-08T18:44:57Z","last_seen":"2024-10-11T08:48:25.173049Z","times_seen":274,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads/i/iframe.html","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:30.224Z","timestamp":1728442470224,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:44:00 GMT","end":"Mon, 09 Dec 2024 09:43:59 GMT"},"fingerprint":{"sha1":"98:0A:EA:B7:A9:BE:F2:9D:18:4B:E6:C0:20:FA:9A:7A:D3:E3:73:A5","sha256":"03:E9:B7:31:42:11:7A:F8:3A:81:B0:0F:D6:15:AC:19:7C:56:31:A2:39:07:05:B2:AE:76:11:BB:48:55:C3:56"}}},"request":{"raw":"GET /afs/ads/i/iframe.html HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/html\r\ncontent-security-policy: script-src 'nonce-mOjFoAesHFzfZ0mNmCZ3XQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ncontent-length: 726\r\ndate: Wed, 09 Oct 2024 02:54:30 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, must-revalidate\r\nlast-modified: Tue, 17 Sep 2024 06:00:00 GMT\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":726,"size_decoded":1560,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1559)","md5":"b3b39eea47aebd8c56402e8b40ec0d2b","sha1":"dcd23920c2b81692a6228fbacc2ce412cfe5dc70","sha256":"664c6da7ab75198be70ead8a2a3a18382846f993a904657eb4316700d58952eb","sha512":"00f23d0047587b516c40a528bb187f19dd96f6027b7d463c66e3342d246d63790c93ee6baa859ca54f0150e6cf0a23c6f8973a0e694bbe35f93366088e284050","ssdeep":"","tlshash":"f831b1af4c50412f2d723d9d2d9bb604fa139414e445d5d0c58cf4693db9fc7882aaf4","first_seen":"2024-10-11T08:43:29.535326Z","last_seen":"2024-10-11T08:43:29.535326Z","times_seen":1,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":137,"dns":40,"connect":21,"send":0,"wait":23,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=9330244380\u0026channel=%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3Mjg0NDI0NjkmdGNpZD13dzE2LnZvZnljb3QuY29tNjcwNWYwNjVjMmU0MjguNzc4MDc4NDMmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPVIyUjVkZWNPeDc3Mk9DbU5kZlox\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=9771728442470214\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=2\u0026u_his=2\u0026u_tz=0\u0026dt=1728442470223\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=999\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=681010707\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:30.234Z","timestamp":1728442470234,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:44:00 GMT","end":"Mon, 09 Dec 2024 09:43:59 GMT"},"fingerprint":{"sha1":"98:0A:EA:B7:A9:BE:F2:9D:18:4B:E6:C0:20:FA:9A:7A:D3:E3:73:A5","sha256":"03:E9:B7:31:42:11:7A:F8:3A:81:B0:0F:D6:15:AC:19:7C:56:31:A2:39:07:05:B2:AE:76:11:BB:48:55:C3:56"}}},"request":{"raw":"GET /afs/ads?adsafe=low\u0026adtest=off\u0026psid=9330244380\u0026channel=%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3Mjg0NDI0NjkmdGNpZD13dzE2LnZvZnljb3QuY29tNjcwNWYwNjVjMmU0MjguNzc4MDc4NDMmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPVIyUjVkZWNPeDc3Mk9DbU5kZlox\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=9771728442470214\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=2\u0026u_his=2\u0026u_tz=0\u0026dt=1728442470223\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=999\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=681010707\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20241009-1349-43b4-b33f-a875bbcfa9bc HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Wed, 09 Oct 2024 02:54:30 GMT\r\nexpires: Wed, 09 Oct 2024 02:54:30 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-2AVHuY9btJTbMQUtvvSNnw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 3004\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3004,"size_decoded":14426,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13614)","md5":"7b94250ab1ee63cf0b60afd03aa56d1d","sha1":"0e298a766ffd29061949c554aee604c6fef1bcbc","sha256":"722bff9a7850802e282f3c6418ba1a1c8898b06fc58c0662c830b98bfb166aeb","sha512":"0868297ffbd89e935e0a41bccd9e6170b218839c7d0e2d83c77ad3318c60bdd8ce56da8e7af4597d6b28b6813d4be498d1d455607a5159969a49cfd33fb83256","ssdeep":"192:GE12iMpgbkUABJh6VMWrwaXCJ+bxCrIlGqV5y26yWke:Gni0B/66WRNlGqXy2eke","tlshash":"2652563764a2271d5903dc5417266f6ed181d43ac46b31f948a35f25c7ebf824be228e","first_seen":"2024-10-11T08:43:29.53716Z","last_seen":"2024-10-11T08:43:29.53716Z","times_seen":1,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":98,"dns":30,"connect":7,"send":0,"wait":76,"receive":1,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:30.476878983Z","timestamp":1728442470476,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"4ff7208fb83a9edda9cd21a0b0f43105","sha1":"1a237e612a2ee98ce04708bc03664381d6dccfcc","sha256":"3f5188545a1f2ac0d20b4d455098d7ce36ecec2de350a183b77b6f2512e08a6b","sha512":"a1e412d4bd05aa6624bed021b2fff4deeab54d1a2c0f991fc60117eb9036776247c2c8f85ddb9bbb9f0081ec86b0e9c21d885054d8db05833226fe171de79521","ssdeep":"","tlshash":"acf0d4182db97ce50d36140430bde8f9a491999640581558273de35050197f9e15677c","first_seen":"2024-10-08T18:44:57Z","last_seen":"2024-10-11T08:48:25.173049Z","times_seen":274,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:30.789294083Z","timestamp":1728442470789,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"34fb1e08eebd7a54261f4f4875429675","sha1":"4115c69280c91fabb624134d33c90c8a1d6a7ba3","sha256":"cc63f81cfe774e57ee37083d43357f19fbcbdbd6e874bde1fc793074428d5c2b","sha512":"1a717bbf86b68e15e1d697734d6d7321dd7057851bbcaa1b7ef9ec4173270721f71b08967f8f1136e89a45c23a3d791cffce0400909bfb97931a770cb25bb35a","ssdeep":"","tlshash":"6af0236c9e7dfea24f53a824a9bc6d0a3c128d29744ccf05393993e0309976ec24d735","first_seen":"2024-10-08T18:12:17Z","last_seen":"2024-10-11T08:48:38.281514Z","times_seen":387,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:30.805545384Z","timestamp":1728442470805,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:30 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"34fb1e08eebd7a54261f4f4875429675","sha1":"4115c69280c91fabb624134d33c90c8a1d6a7ba3","sha256":"cc63f81cfe774e57ee37083d43357f19fbcbdbd6e874bde1fc793074428d5c2b","sha512":"1a717bbf86b68e15e1d697734d6d7321dd7057851bbcaa1b7ef9ec4173270721f71b08967f8f1136e89a45c23a3d791cffce0400909bfb97931a770cb25bb35a","ssdeep":"","tlshash":"6af0236c9e7dfea24f53a824a9bc6d0a3c128d29744ccf05393993e0309976ec24d735","first_seen":"2024-10-08T18:12:17Z","last_seen":"2024-10-11T08:48:38.281514Z","times_seen":387,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.129","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=9330244380\u0026channel=%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3Mjg0NDI0NjkmdGNpZD13dzE2LnZvZnljb3QuY29tNjcwNWYwNjVjMmU0MjguNzc4MDc4NDMmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPVIyUjVkZWNPeDc3Mk9DbU5kZlox\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=9771728442470214\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=2\u0026u_his=2\u0026u_tz=0\u0026dt=1728442470223\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=999\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=681010707\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:30.693Z","timestamp":1728442470693,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:32:18 GMT","end":"Mon, 09 Dec 2024 09:32:17 GMT"},"fingerprint":{"sha1":"E4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38","sha256":"19:AC:21:73:69:EA:05:4D:88:DD:89:E2:42:EA:A3:24:18:53:D0:7D:DD:DC:AE:23:D0:06:A7:A5:33:02:A1:2D"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 273\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 08 Oct 2024 19:42:00 GMT\r\nexpires: Wed, 09 Oct 2024 18:42:00 GMT\r\ncache-control: public, max-age=82800\r\nage: 25950\r\nlast-modified: Thu, 20 Jul 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":273,"size_decoded":391,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6751e07e0f93bd43ab90822f4b2eb62a","sha1":"d1d0c6f0b4697b0a4e61ffbf171e8c60eac7c832","sha256":"ff563f41765da081fe9fd40e8bb33a623df033b10050a8ae8c1b46e15107d8f1","sha512":"a00080e16354a0193a31cb848cbbd81afebf9253bece0b81003027fd9435a060af56c520d0c003d91086105616cf0511f54c12cfbda261fe917d054aef8b0c79","ssdeep":"","tlshash":"66e0a2ea82842c048a8543b0ed08a2a002eff076130c90bbc1a0e6f8b0088aaacd2604","first_seen":"2023-04-14T22:04:42Z","last_seen":"2026-04-30T15:48:15.782678Z","times_seen":36067,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":118,"dns":2,"connect":21,"send":0,"wait":40,"receive":11,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.129","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=9330244380\u0026channel=%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3Mjg0NDI0NjkmdGNpZD13dzE2LnZvZnljb3QuY29tNjcwNWYwNjVjMmU0MjguNzc4MDc4NDMmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPVIyUjVkZWNPeDc3Mk9DbU5kZlox\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=9771728442470214\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=2\u0026u_his=2\u0026u_tz=0\u0026dt=1728442470223\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=999\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=681010707\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:30.691Z","timestamp":1728442470691,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:32:18 GMT","end":"Mon, 09 Dec 2024 09:32:17 GMT"},"fingerprint":{"sha1":"E4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38","sha256":"19:AC:21:73:69:EA:05:4D:88:DD:89:E2:42:EA:A3:24:18:53:D0:7D:DD:DC:AE:23:D0:06:A7:A5:33:02:A1:2D"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 08 Oct 2024 13:05:51 GMT\r\nexpires: Wed, 09 Oct 2024 12:05:51 GMT\r\ncache-control: public, max-age=82800\r\nage: 49719\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":174,"size_decoded":200,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11b3089d616633ca6b73b57aa877eeb4","sha1":"07632f63e06b30d9b63c97177d3a8122629bda9b","sha256":"809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1","sha512":"079b0e35b479dfdbe64a987661000f4a034b10688e26f2a5fe6aaa807e81ccc5593d40609b731ab3340e687d83dd08de4b8b1e01cdac9d4523a9f6bb3acfcba0","ssdeep":"","tlshash":"d9d02291c2182d28441e82e0c37c312600fab0a2634c00dcfa80e300b20c9abb861669","first_seen":"2023-04-06T23:53:06Z","last_seen":"2026-05-03T22:11:49.614123Z","times_seen":412187,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":184,"dns":0,"connect":21,"send":0,"wait":25,"receive":0,"ssl":154},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:31.025448745Z","timestamp":1728442471025,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9281\r\nExpires: Wed, 09 Oct 2024 05:29:12 GMT\r\nDate: Wed, 09 Oct 2024 02:54:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:31.027296602Z","timestamp":1728442471027,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9281\r\nExpires: Wed, 09 Oct 2024 05:29:12 GMT\r\nDate: Wed, 09 Oct 2024 02:54:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:31.122383742Z","timestamp":1728442471122,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9281\r\nExpires: Wed, 09 Oct 2024 05:29:12 GMT\r\nDate: Wed, 09 Oct 2024 02:54:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:31.123549818Z","timestamp":1728442471123,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9281\r\nExpires: Wed, 09 Oct 2024 05:29:12 GMT\r\nDate: Wed, 09 Oct 2024 02:54:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:31.126270772Z","timestamp":1728442471126,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7\"\r\nLast-Modified: Tue, 08 Oct 2024 04:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9281\r\nExpires: Wed, 09 Oct 2024 05:29:12 GMT\r\nDate: Wed, 09 Oct 2024 02:54:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aa746f2452828a39148ef2ed129c14f6","sha1":"aab2904047696ac367e2bfc0ffb1ba44c9c84256","sha256":"5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7","sha512":"4c74b97bc4bd38e0b7f46de86629b399a71d4aa41e536362ded439aaf69c5bf690dc1fc66cb583193bd8ead6f7e982da960c0490f1ba4620f650a2117b8efe19","ssdeep":"","tlshash":"23f005913f15b8e00f746485e87584235d7b4dd5bc00e69a53a8a7d467543fd15d050c","first_seen":"2024-10-08T11:30:21Z","last_seen":"2024-10-11T08:52:19.931081Z","times_seen":8574,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"216.58.207.195","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-09T02:54:31.153404098Z","timestamp":1728442471153,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 09 Oct 2024 02:54:31 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"34fb1e08eebd7a54261f4f4875429675","sha1":"4115c69280c91fabb624134d33c90c8a1d6a7ba3","sha256":"cc63f81cfe774e57ee37083d43357f19fbcbdbd6e874bde1fc793074428d5c2b","sha512":"1a717bbf86b68e15e1d697734d6d7321dd7057851bbcaa1b7ef9ec4173270721f71b08967f8f1136e89a45c23a3d791cffce0400909bfb97931a770cb25bb35a","ssdeep":"","tlshash":"6af0236c9e7dfea24f53a824a9bc6d0a3c128d29744ccf05393993e0309976ec24d735","first_seen":"2024-10-08T18:12:17Z","last_seen":"2024-10-11T08:48:38.281514Z","times_seen":387,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=76qqu0s04iwp\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026psid=9330244380\u0026pbt=bs\u0026adbx=406.66668701171875\u0026adby=134.64999389648438\u0026adbh=533\u0026adbw=467\u0026adbah=171%2C171%2C171\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=17%7C0%7C315%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:32.179Z","timestamp":1728442472179,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:44:00 GMT","end":"Mon, 09 Dec 2024 09:43:59 GMT"},"fingerprint":{"sha1":"98:0A:EA:B7:A9:BE:F2:9D:18:4B:E6:C0:20:FA:9A:7A:D3:E3:73:A5","sha256":"03:E9:B7:31:42:11:7A:F8:3A:81:B0:0F:D6:15:AC:19:7C:56:31:A2:39:07:05:B2:AE:76:11:BB:48:55:C3:56"}}},"request":{"raw":"GET /afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=76qqu0s04iwp\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026psid=9330244380\u0026pbt=bs\u0026adbx=406.66668701171875\u0026adby=134.64999389648438\u0026adbh=533\u0026adbw=467\u0026adbah=171%2C171%2C171\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=17%7C0%7C315%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-XucmQfq_MPIomKep6FIucw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 09 Oct 2024 02:54:32 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T10:11:22.122616Z","times_seen":15434026,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=q5psnln4f33n\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026pbt=bs\u0026adbx=490\u0026adby=807.6500244140625\u0026adbh=17\u0026adbw=300\u0026adbn=slave-1-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=7%7C0%7C325%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:32.185Z","timestamp":1728442472185,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:44:00 GMT","end":"Mon, 09 Dec 2024 09:43:59 GMT"},"fingerprint":{"sha1":"98:0A:EA:B7:A9:BE:F2:9D:18:4B:E6:C0:20:FA:9A:7A:D3:E3:73:A5","sha256":"03:E9:B7:31:42:11:7A:F8:3A:81:B0:0F:D6:15:AC:19:7C:56:31:A2:39:07:05:B2:AE:76:11:BB:48:55:C3:56"}}},"request":{"raw":"GET /afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=q5psnln4f33n\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026pbt=bs\u0026adbx=490\u0026adby=807.6500244140625\u0026adbh=17\u0026adbw=300\u0026adbn=slave-1-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=7%7C0%7C325%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3e8yKcwTkb6TWKpW2VJqwA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 09 Oct 2024 02:54:32 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T10:11:22.122616Z","times_seen":15434026,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=2012ag4mbmvs\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026psid=9330244380\u0026pbt=bv\u0026adbx=406.66668701171875\u0026adby=134.64999389648438\u0026adbh=533\u0026adbw=467\u0026adbah=171%2C171%2C171\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=17%7C0%7C315%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:32.680Z","timestamp":1728442472680,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:44:00 GMT","end":"Mon, 09 Dec 2024 09:43:59 GMT"},"fingerprint":{"sha1":"98:0A:EA:B7:A9:BE:F2:9D:18:4B:E6:C0:20:FA:9A:7A:D3:E3:73:A5","sha256":"03:E9:B7:31:42:11:7A:F8:3A:81:B0:0F:D6:15:AC:19:7C:56:31:A2:39:07:05:B2:AE:76:11:BB:48:55:C3:56"}}},"request":{"raw":"GET /afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=2012ag4mbmvs\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026psid=9330244380\u0026pbt=bv\u0026adbx=406.66668701171875\u0026adby=134.64999389648438\u0026adbh=533\u0026adbw=467\u0026adbah=171%2C171%2C171\u0026adbn=master-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=17%7C0%7C315%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-E92-S1ZPdU5_VeIhCGQWRQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 09 Oct 2024 02:54:32 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T10:11:22.122616Z","times_seen":15434026,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=3qlfc29r9od2\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026pbt=bv\u0026adbx=490\u0026adby=807.6500244140625\u0026adbh=17\u0026adbw=300\u0026adbn=slave-1-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=7%7C0%7C325%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:32.682Z","timestamp":1728442472682,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:44:00 GMT","end":"Mon, 09 Dec 2024 09:43:59 GMT"},"fingerprint":{"sha1":"98:0A:EA:B7:A9:BE:F2:9D:18:4B:E6:C0:20:FA:9A:7A:D3:E3:73:A5","sha256":"03:E9:B7:31:42:11:7A:F8:3A:81:B0:0F:D6:15:AC:19:7C:56:31:A2:39:07:05:B2:AE:76:11:BB:48:55:C3:56"}}},"request":{"raw":"GET /afs/gen_204?client=dp-sedo85_3ph\u0026output=uds_ads_only\u0026zx=3qlfc29r9od2\u0026aqid=ZvAFZ5SXFoGViM0PpfjH8Qk\u0026pbt=bv\u0026adbx=490\u0026adby=807.6500244140625\u0026adbh=17\u0026adbw=300\u0026adbn=slave-1-1\u0026eawp=partner-dp-sedo85_3ph\u0026errv=681010707\u0026csala=7%7C0%7C325%7C81%7C49\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-w16BZUZmsiLccdn02YXucQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 09 Oct 2024 02:54:32 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T10:11:22.122616Z","times_seen":15434026,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?adsafe=low\u0026adtest=off\u0026psid=9330244380\u0026channel=%2Cexp-0051%2Cauxa-control-1%2C10450790\u0026client=dp-sedo85_3ph\u0026r=m\u0026hl=no\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww16.vofycot.com%2Fcaf%2F%3Fses%3DY3JlPTE3Mjg0NDI0NjkmdGNpZD13dzE2LnZvZnljb3QuY29tNjcwNWYwNjVjMmU0MjguNzc4MDc4NDMmdGFzaz1zZWFyY2gmZG9tYWluPXZvZnljb3QuY29tJmFfaWQ9MyZzZXNzaW9uPVIyUjVkZWNPeDc3Mk9DbU5kZlox\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2106557024922479\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3%7Cs\u0026nocache=9771728442470214\u0026num=0\u0026output=afd_ads\u0026domain_name=ww16.vofycot.com\u0026v=3\u0026bsl=8\u0026pac=2\u0026u_his=2\u0026u_tz=0\u0026dt=1728442470223\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=999\u0026frm=0\u0026uio=--\u0026cont=rb-default\u0026drt=0\u0026jsid=caf\u0026jsv=681010707\u0026rurl=https%3A%2F%2Fww16.vofycot.com%2Flogin.php%3Fsub1%3D20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:30.515Z","timestamp":1728442470515,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:44:00 GMT","end":"Mon, 09 Dec 2024 09:43:59 GMT"},"fingerprint":{"sha1":"98:0A:EA:B7:A9:BE:F2:9D:18:4B:E6:C0:20:FA:9A:7A:D3:E3:73:A5","sha256":"03:E9:B7:31:42:11:7A:F8:3A:81:B0:0F:D6:15:AC:19:7C:56:31:A2:39:07:05:B2:AE:76:11:BB:48:55:C3:56"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Wed, 09 Oct 2024 02:54:30 GMT\r\nexpires: Wed, 09 Oct 2024 02:54:30 GMT\r\ncache-control: private, max-age=3600\r\netag: \"15838387115246319480\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":153131,"size_decoded":153131,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1879)","md5":"4c7edc182344882216d6d4d7dc46231f","sha1":"4b981e96e6b665ede4426a89d121d4ae878a76da","sha256":"6570292e68a16b7f4a51f9672e5f1028112066252c27273ede1f061bb104bb5e","sha512":"481a0b356c1b0b3b9bb0a5e096e262cf7797a1d84d83ef38760b7ccb81aae73b31ce1df17a415d9422af52fcdd62191156d3c14f32c28b37db47af35e576a232","ssdeep":"1536:eSG6arvU/wAQWPyXpKHhitCnAyYHLaUbxijIHWvxDZz7/wurgsjWbcbWgQWZpVqk:bH1YrCIHWpDB74u7RzqNYPCfaQBZwK0j","tlshash":"79e36cdd77a5702253a394b4607f118fb23af895e80889b4b098c8e47c78d991277fbd","first_seen":"2024-10-02T16:05:43Z","last_seen":"2024-10-11T09:19:25.033117Z","times_seen":350,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","date":"2024-10-09T02:54:29.978Z","timestamp":1728442469978,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Sep 2024 09:36:05 GMT","end":"Mon, 09 Dec 2024 09:36:04 GMT"},"fingerprint":{"sha1":"AD:02:8F:37:49:83:F2:82:0C:84:E9:B4:A4:19:E5:DC:D0:D6:62:C9","sha256":"4E:C8:17:3A:E2:E7:3B:96:E6:C4:DA:CF:56:5A:87:AD:DF:5D:D7:01:08:59:5A:3B:06:81:CD:8E:36:5C:29:EE"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww16.vofycot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Wed, 09 Oct 2024 02:54:30 GMT\r\nexpires: Wed, 09 Oct 2024 02:54:30 GMT\r\ncache-control: private, max-age=3600\r\netag: \"8792537726396116611\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":153115,"size_decoded":153115,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1879)","md5":"1217ad48dffc6a9f925b6fd708780429","sha1":"41cd7b64f11c25505b79bcd615f9947a9ec713d7","sha256":"249ce52b32ab30357a9b061f78b007c3a913ac7ff524d4341372a32770dde660","sha512":"fa22cb8fd9efcd9548eecca0f8098d8302df320dee31baebb815d30b01285bd6af743e61d331643cfa3feba78aaa59be16403afcf1d3aec05ca6849544c225a7","ssdeep":"1536:2SG6arvU/wAQWPyXpKHhitCnAyYHLaUbxijIHWvxDZz7/wurgsjWbcbWgQWZpVqk:zH1YrCIHWpDB74u7RzqNYPCfaQBZwK0j","tlshash":"28e36cdd77a5702253a394b4607f118fb23af895e80889b4b098c8e47c78d991277fbd","first_seen":"2024-10-02T15:28:46Z","last_seen":"2024-10-11T09:19:45.451364Z","times_seen":399,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":84,"dns":1,"connect":8,"send":0,"wait":18,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww16.vofycot.com/login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc","fqdn":"ww16.vofycot.com","domain":"vofycot.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-10-09T02:54:29.202Z","timestamp":1728442469202,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww16.vofycot.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Thu, 02 Nov 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"77:E9:D4:A2:BA:16:65:DB:42:BE:75:37:14:8C:76:AC:69:F6:79:69","sha256":"35:FC:2C:4E:46:BE:81:6A:DF:9F:FD:53:6B:0C:DA:1C:B9:F1:BF:8B:45:09:D0:DE:8A:54:86:04:AF:F1:84:43"}}},"request":{"raw":"GET /login.php?sub1=20241009-1349-43b4-b33f-a875bbcfa9bc HTTP/1.1\r\nHost: ww16.vofycot.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 09 Oct 2024 02:54:29 GMT\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nlast-modified: Wed, 09 Oct 2024 02:54:29 GMT\r\npragma: no-cache\r\nserver: Parking/1.0\r\nvary: Accept-Encoding\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_rvpY8cdM2tfCNRCOjpDoK5gM8oYyW4jJPNBnOnor9aELW0VMbr2TZpVDdz7QmK+LuiuxZa/K0HmmaVIgDO+cig==\r\nx-cache-miss-from: parking-5879f9b8c8-gtbjb\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25030,"size_decoded":25030,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T10:11:22.122616Z","times_seen":15434026,"resource_available":true,"data":null}},"time_used":1200,"timings":{"blocked":564,"dns":1,"connect":24,"send":0,"wait":58,"receive":0,"ssl":550},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-08","alert":"Sinkholed","trigger":"vofycot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}