{"report_id":"df40197e-2e4e-4786-8fc9-4ff01bcd2155","version":6,"status":"done","tags":[],"date":"2025-09-04T01:26:49Z","url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"title":"facevideosc.com"},"submit":{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-09T01:26:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"ww25.fp7sn1tuog.facevideosc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":65181,"first_seen":"2013-05-06T19:11:00Z","last_seen":"2025-09-03T21:42:03.273036Z","alert_count":0,"request_count":2,"received_data":2046,"sent_data":1006,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ww25.fp7sn1tuog.facevideosc.com","ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2022-05-16","domain_rank":0,"first_seen":"2025-09-04T01:26:49.758814Z","last_seen":"2025-09-04T01:26:49.758814Z","alert_count":5,"request_count":5,"received_data":46458,"sent_data":2411,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":5365,"first_seen":"2023-09-25T09:30:59Z","last_seen":"2025-09-03T16:51:55.337155Z","alert_count":0,"request_count":4,"received_data":175802,"sent_data":3225,"comment":"","tags":null,"fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.68","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-09-03T15:14:31.261741Z","alert_count":0,"request_count":1,"received_data":160316,"sent_data":457,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/bPTtoyOXT.js","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"958df7937adfec9bc20b14b7fff891f8","sha1":"bd45611bceae0cdda0fb3c3b9445b6f0eed4995c","sha256":"40c39476fa8cec4a8d5eed23acc6c6a99d686b58eb16fff4ee199eac5f8f0619","sha512":"0586e20b3bdefe90612c16df0206fedcb048cb2bec475b01a32a3c94fabc13aaf90f44db2615bda3cf8f790ce6f063b6328b30c42f4ddc8d0f36c08ab5b1c256","ssdeep":"768:TP2y1o5VcJ7n85NdxBB5gPzGIPNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6l8XOD:TualnEE0xNEGR+4M","tlshash":"98033ab23ab7e07046e2c5dae8779215f338214a3405c068f96cc8de3a5e947d73ab75","size":38577,"data":"","first_seen":"2025-08-25T22:40:35.311663Z","last_seen":"2025-10-15T16:11:44.232108Z","times_seen":35895,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.68","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d60762b9059f1ae1e9599989fe6827d1","sha1":"2703df039cbea141df1291c1f986b4735801d284","sha256":"7defc980dbc4338276674794064b909dfca51df05cb0cd827c005628e1b9285c","sha512":"e1bed50512cdefb4dcb62dd24cbd189f5d2915fd8c4ba2cccf3caa4f597ba0614b8387006f0dc344f9495bcb60ef30ef7f3057ac8a235ffabf18d64d00fa9bf1","ssdeep":"3072:ax21p5LJKmsOnAm4sFATSaZUbzRdbHIf5Nc2:RqOn7FAVIzRdb6/","tlshash":"7bf33bcd77a1302253b3a4b4603f018fb139b865a84c88a4f199d8e47db4da94277fbd","size":159600,"data":"","first_seen":"2025-08-27T18:14:26.982259Z","last_seen":"2025-09-04T14:31:06.127568Z","times_seen":2158,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol101%2Cpid-bodis-gcontrol405%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3\u0026nocache=8591756949187906\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.fp7sn1tuog.facevideosc.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1756949187908\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=799174932\u0026rurl=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"01b2eebb1a993aacfa9b356a90992b53","sha1":"a26055cd3a0a4131b518787bf2790455df1cb123","sha256":"a471fd9dcc390d9bec42b619286c97a121fbe238c96077d87392c65541b0f2af","sha512":"57641c0240275ae5d62d28ab90893c2e8240f805d908e8665513a2e425e6c6239994db6e3d0abad6aabaf546f72dded2abd6b2e3273fd1997407ee0ce2cd5e54","ssdeep":"","tlshash":"f7f0c0d93da84a32c56305554e0f3fa0645958b0328b1549a41eb49f10bcfae561c0be","size":518,"data":"","first_seen":"2025-09-04T01:26:51.247995Z","last_seen":"2025-09-04T01:26:51.247995Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e9a5e1eb157de4ba5324f2361fe7a97f","sha1":"3783ea6a4a031dd5a8cc743929807b6bbc582458","sha256":"0886dd976a54fea44b810617b1a8acc0c8af8e5c9256e32f6c4a6380872695df","sha512":"60f7af46f145a4c7a24cdf45b895e75eb01e6dfd790de8743ad0a097e06064e68ed19bc07328fa95a9efb7b9acd7178357c09961e14c83d1a2f7b9ec126e31db","ssdeep":"3072:pM21p5LJKmsOnAm4sFA8D948z1ledKLPzT:bqOn7FAu48z1leyH","tlshash":"10f33bdd73a1302253b3a4b5603f018fb139b865a84c88a4f199d8e47db4da94277fbd","size":159430,"data":"","first_seen":"2025-09-03T15:14:02.192605Z","last_seen":"2025-09-08T15:39:22.468667Z","times_seen":1558,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"309947d5f989456e1c6fe54f464dcdab","sha1":"78f4177ddb90bee147c896b8b97cc3babca5a173","sha256":"677d914d7b90fcbc336ea0297484368476a262246b25153a57c4aa66c1cbfdab","sha512":"f87b419beabe55766b3d528af421188ced054e7c412d9d519f9132e5513c74281a8f06be64db8e961043dcec32f5c650c75b2cf759f09e484082040bf37eb4a2","ssdeep":"","tlshash":"35e0206e153d5fddd031196701575fcc569835f4147061c4b7908c57276549b1014d8f","size":341,"data":"","first_seen":"2025-09-04T01:26:51.249121Z","last_seen":"2025-09-04T01:26:51.249121Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol101%2Cpid-bodis-gcontrol405%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3\u0026nocache=8591756949187906\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.fp7sn1tuog.facevideosc.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1756949187908\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=799174932\u0026rurl=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F","date":"2025-09-04T01:26:28.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:20 GMT","end":"Mon, 03 Nov 2025 19:22:19 GMT"},"fingerprint":{"sha1":"88:F3:63:1A:B3:46:51:62:85:98:6A:BC:EC:9A:45:3F:B7:DB:9B:D1","sha256":"8E:77:81:97:96:97:F0:EB:73:BD:00:AE:27:6B:F5:00:8D:E5:03:E7:B8:43:1D:6F:25:1E:2E:32:BE:6B:AC:8F"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 03 Sep 2025 16:16:33 GMT\r\nexpires: Thu, 04 Sep 2025 15:16:33 GMT\r\ncache-control: public, max-age=82800\r\nage: 32995\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11b3089d616633ca6b73b57aa877eeb4","sha1":"07632f63e06b30d9b63c97177d3a8122629bda9b","sha256":"809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1","sha512":"079b0e35b479dfdbe64a987661000f4a034b10688e26f2a5fe6aaa807e81ccc5593d40609b731ab3340e687d83dd08de4b8b1e01cdac9d4523a9f6bb3acfcba0","ssdeep":"","tlshash":"d9d02291c2182d28441e82e0c37c312600fab0a2634c00dcfa80e300b20c9abb861669","first_seen":"2023-04-06T23:53:06Z","last_seen":"2026-04-01T02:57:50.32115Z","times_seen":412182,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":118,"dns":1,"connect":14,"send":0,"wait":15,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/_tr","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww25.fp7sn1tuog.facevideosc.com/","date":"2025-09-04T01:26:28.339Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /_tr HTTP/1.1\r\nHost: ww25.fp7sn1tuog.facevideosc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww25.fp7sn1tuog.facevideosc.com/\r\nContent-Type: application/json\r\nContent-Length: 1853\r\nOrigin: http://ww25.fp7sn1tuog.facevideosc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=8228c80b-89e5-4555-a8cf-39fae73c8f98\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Thu, 04 Sep 2025 01:26:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2\r\nx-request-id: 38cfd143-1cb5-4675-add5-7ef7ddae6596\r\nset-cookie: parking_session=8228c80b-89e5-4555-a8cf-39fae73c8f98; expires=Thu, 04 Sep 2025 01:41:28 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-03T22:25:21.128255Z","times_seen":390643,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"ww25.fp7sn1tuog.facevideosc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=xlnfi0e7ae01\u0026cd_fexp=72717108\u0026aqid=xOq4aJDeA6DAiM0P8PiwkQQ\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=177.39999389648438\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=799174932\u0026csala=5%7C0%7C309%7C61%7C11\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww25.fp7sn1tuog.facevideosc.com/","date":"2025-09-04T01:26:29.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:24:31 GMT","end":"Mon, 03 Nov 2025 19:24:30 GMT"},"fingerprint":{"sha1":"5E:62:EE:6D:81:E9:F8:6E:FA:06:82:95:D8:F6:9B:A9:43:E1:F2:C3","sha256":"92:9B:2D:E2:90:F3:DD:C2:42:67:1F:2B:AF:BE:00:1A:B0:D7:4B:4D:C6:0E:96:C5:64:7A:B9:A1:62:82:18:21"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=xlnfi0e7ae01\u0026cd_fexp=72717108\u0026aqid=xOq4aJDeA6DAiM0P8PiwkQQ\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=177.39999389648438\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=799174932\u0026csala=5%7C0%7C309%7C61%7C11\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.fp7sn1tuog.facevideosc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-SUxYi_cSY4ocvYksdv3Z4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Thu, 04 Sep 2025 01:26:29 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww25.fp7sn1tuog.facevideosc.com/","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-04T01:26:26.996Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww25.fp7sn1tuog.facevideosc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":190,"dns":0,"connect":1,"send":0,"wait":0,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"ww25.fp7sn1tuog.facevideosc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/_fd","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww25.fp7sn1tuog.facevideosc.com/","date":"2025-09-04T01:26:27.514Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /_fd HTTP/1.1\r\nHost: ww25.fp7sn1tuog.facevideosc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww25.fp7sn1tuog.facevideosc.com/\r\nContent-Type: application/json\r\nOrigin: http://ww25.fp7sn1tuog.facevideosc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=8228c80b-89e5-4555-a8cf-39fae73c8f98\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Thu, 04 Sep 2025 01:26:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 5269\r\nx-request-id: 3358d2cf-e96b-410c-a743-5dc90c7ab5b9\r\nset-cookie: parking_session=8228c80b-89e5-4555-a8cf-39fae73c8f98; expires=Thu, 04 Sep 2025 01:41:27 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5269,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (5269), with no line terminators","md5":"9970928716e6c19f75c7caec2109c81c","sha1":"b8ba3d914aba22d5435c37944a8e7d55f943a964","sha256":"18d3a089827ea421425250551090f1ed0eb236d884bb155645ed0d69a7332ffe","sha512":"4d507eab22acd14a2ea8a6bfdae0f7ba807a653136e9172b95b6e9259d7db395af49f3621dd442d8ee2e7e573a637fd5ab4f4fb007444b0587cece9258dc3bfc","ssdeep":"96:N9SwIKFEZQ6X5zPULGQQGJ2ITTAwSY7c5oo2:C1s0Q6X5zS/vNnqv5oo2","tlshash":"f2b1a4e58e9d369bdb07560270cf02e9121f96be237a511d5a0fda4c4b0d60fb4e026f","first_seen":"2025-09-04T01:26:51.240954Z","last_seen":"2025-09-04T01:26:51.240954Z","times_seen":1,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"ww25.fp7sn1tuog.facevideosc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol101%2Cpid-bodis-gcontrol405%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3\u0026nocache=8591756949187906\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.fp7sn1tuog.facevideosc.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1756949187908\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=799174932\u0026rurl=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww25.fp7sn1tuog.facevideosc.com/","date":"2025-09-04T01:26:27.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:24:31 GMT","end":"Mon, 03 Nov 2025 19:24:30 GMT"},"fingerprint":{"sha1":"5E:62:EE:6D:81:E9:F8:6E:FA:06:82:95:D8:F6:9B:A9:43:E1:F2:C3","sha256":"92:9B:2D:E2:90:F3:DD:C2:42:67:1F:2B:AF:BE:00:1A:B0:D7:4B:4D:C6:0E:96:C5:64:7A:B9:A1:62:82:18:21"}}},"request":{"raw":"GET /afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol101%2Cpid-bodis-gcontrol405%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3\u0026nocache=8591756949187906\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.fp7sn1tuog.facevideosc.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1756949187908\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=799174932\u0026rurl=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.fp7sn1tuog.facevideosc.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Thu, 04 Sep 2025 01:26:28 GMT\r\nexpires: Thu, 04 Sep 2025 01:26:28 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-SbKwqjXol8_sKxHZSov6-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 2660\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":13552,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (13089)","md5":"c079cfc07c23d6ae4335eac227bc7f69","sha1":"61d9aa864df73796897a7587e66fe004bef0cf2c","sha256":"99144c581ff0ef78e8b228d4fc000504a7397b61bf2a3e88559cf0794cc34bd8","sha512":"31b8c3ac5612a8283773f573c926c1e181e740bd66e5851c7a4302acf5865e83ce829b48eea5b4f9fe269436bd0aac6aca9d201b2bbc447e6b0d012b54c9a962","ssdeep":"96:GE/yk2iIlb5lphMzwronbo4tm0yEM6vfNYrWmGMwDbw96D20AMwDWw96DdH0G8MP:GE12iMpgbogm0yEMcfWrC90GKskkb","tlshash":"ca524337706227291513ec541b296f6dd181d43ac46f36e848a35b25c7ebf828be628e","first_seen":"2025-09-04T01:26:51.242286Z","last_seen":"2025-09-04T01:26:51.242286Z","times_seen":1,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":88,"dns":1,"connect":7,"send":0,"wait":107,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol101%2Cpid-bodis-gcontrol405%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3\u0026nocache=8591756949187906\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.fp7sn1tuog.facevideosc.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1756949187908\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=799174932\u0026rurl=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F","date":"2025-09-04T01:26:28.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:24:31 GMT","end":"Mon, 03 Nov 2025 19:24:30 GMT"},"fingerprint":{"sha1":"5E:62:EE:6D:81:E9:F8:6E:FA:06:82:95:D8:F6:9B:A9:43:E1:F2:C3","sha256":"92:9B:2D:E2:90:F3:DD:C2:42:67:1F:2B:AF:BE:00:1A:B0:D7:4B:4D:C6:0E:96:C5:64:7A:B9:A1:62:82:18:21"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Thu, 04 Sep 2025 01:26:28 GMT\r\nexpires: Thu, 04 Sep 2025 01:26:28 GMT\r\ncache-control: private, max-age=3600\r\netag: \"5841964285199595743\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":159430,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2943)","md5":"e9a5e1eb157de4ba5324f2361fe7a97f","sha1":"3783ea6a4a031dd5a8cc743929807b6bbc582458","sha256":"0886dd976a54fea44b810617b1a8acc0c8af8e5c9256e32f6c4a6380872695df","sha512":"60f7af46f145a4c7a24cdf45b895e75eb01e6dfd790de8743ad0a097e06064e68ed19bc07328fa95a9efb7b9acd7178357c09961e14c83d1a2f7b9ec126e31db","ssdeep":"3072:pM21p5LJKmsOnAm4sFA8D948z1ledKLPzT:bqOn7FAu48z1leyH","tlshash":"10f33bdd73a1302253b3a4b5603f018fb139b865a84c88a4f199d8e47db4da94277fbd","first_seen":"2025-09-03T15:14:02.192605Z","last_seen":"2025-09-08T15:39:22.468667Z","times_seen":1558,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol101%2Cpid-bodis-gcontrol405%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F%3Fcaf%3D1%26bpt%3D345\u0026type=3\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108\u0026format=r3\u0026nocache=8591756949187906\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.fp7sn1tuog.facevideosc.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1756949187908\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=799174932\u0026rurl=http%3A%2F%2Fww25.fp7sn1tuog.facevideosc.com%2F","date":"2025-09-04T01:26:28.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:20 GMT","end":"Mon, 03 Nov 2025 19:22:19 GMT"},"fingerprint":{"sha1":"88:F3:63:1A:B3:46:51:62:85:98:6A:BC:EC:9A:45:3F:B7:DB:9B:D1","sha256":"8E:77:81:97:96:97:F0:EB:73:BD:00:AE:27:6B:F5:00:8D:E5:03:E7:B8:43:1D:6F:25:1E:2E:32:BE:6B:AC:8F"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 03 Sep 2025 21:28:57 GMT\r\nexpires: Thu, 04 Sep 2025 20:28:57 GMT\r\ncache-control: public, max-age=82800\r\nage: 14251\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d47125b2ba92be53dcff07ba322ce1de","sha1":"e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28","sha256":"5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6","sha512":"78a1bf7547b1c28f600163689161955bc56a621ace3228c9169143be933ccf789fc6106bbf729f2e9483bcaa03271529d3913088094c7fb906b44673e13f1f92","ssdeep":"","tlshash":"72d02291d2286d38441e82e0c37c712200ee70a2230c10ccfa81a700720c8abb8a1668","first_seen":"2023-04-07T07:55:51Z","last_seen":"2026-02-01T02:48:24.72202Z","times_seen":175105,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":268,"dns":2,"connect":28,"send":0,"wait":15,"receive":0,"ssl":239},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=y47k4gnwwcqk\u0026cd_fexp=72717108\u0026aqid=xOq4aJDeA6DAiM0P8PiwkQQ\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=177.39999389648438\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=799174932\u0026csala=5%7C0%7C309%7C61%7C11\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"216.58.207.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww25.fp7sn1tuog.facevideosc.com/","date":"2025-09-04T01:26:29.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:24:31 GMT","end":"Mon, 03 Nov 2025 19:24:30 GMT"},"fingerprint":{"sha1":"5E:62:EE:6D:81:E9:F8:6E:FA:06:82:95:D8:F6:9B:A9:43:E1:F2:C3","sha256":"92:9B:2D:E2:90:F3:DD:C2:42:67:1F:2B:AF:BE:00:1A:B0:D7:4B:4D:C6:0E:96:C5:64:7A:B9:A1:62:82:18:21"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=y47k4gnwwcqk\u0026cd_fexp=72717108\u0026aqid=xOq4aJDeA6DAiM0P8PiwkQQ\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=177.39999389648438\u0026adbh=364\u0026adbw=700\u0026adbah=114%2C114%2C114\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=799174932\u0026csala=5%7C0%7C309%7C61%7C11\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.fp7sn1tuog.facevideosc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-v7noWpXwqtUgdb7A994vog' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Thu, 04 Sep 2025 01:26:29 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-04T01:26:27.279Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww25.fp7sn1tuog.facevideosc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Thu, 04 Sep 2025 01:26:27 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 1090\r\nx-request-id: 8228c80b-89e5-4555-a8cf-39fae73c8f98\r\ncache-control: no-store, max-age=0\r\naccept-ch: sec-ch-prefers-color-scheme\r\ncritical-ch: sec-ch-prefers-color-scheme\r\nvary: sec-ch-prefers-color-scheme\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_plAq0xnGIRErpKoN+TBdZnSlhCoGSyfd1iSuvhlN0iz5w5h3rpe3BmjW8oCLlIER/omVjWGyalhkh0kKh4MT/w==\r\nset-cookie: parking_session=8228c80b-89e5-4555-a8cf-39fae73c8f98; expires=Thu, 04 Sep 2025 01:41:27 GMT; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1090,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (358)","md5":"2256019b4cc48b0dd4cfce6ddac28878","sha1":"34fc6b2108d0e8bed1537837621a96a1c78ed59d","sha256":"ae4b94fa28fb30b90c9193dbcfedd0c8e50e5cfa4def3f2017e092ea519c65c3","sha512":"860ab5d3b51ef182e1a64b395691b5a7361e22ddd5730f9430de58350f8bba0cbe75e5e1bbac3ccef0fe5a49040d874b71616b00dad3904216badc0b5b41bfa8","ssdeep":"","tlshash":"f611b2371429ac8e90b100615960e74c8c0937a8a5506cc07fe8c07b6bc4ad7a42eacd","first_seen":"2025-09-04T01:26:51.245482Z","last_seen":"2025-09-04T01:26:51.245482Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"ww25.fp7sn1tuog.facevideosc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww25.fp7sn1tuog.facevideosc.com/bPTtoyOXT.js","fqdn":"ww25.fp7sn1tuog.facevideosc.com","domain":"facevideosc.com","tld":"com"},"ip":{"addr":"199.59.243.228","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.fp7sn1tuog.facevideosc.com/","date":"2025-09-04T01:26:27.457Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /bPTtoyOXT.js HTTP/1.1\r\nHost: ww25.fp7sn1tuog.facevideosc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.fp7sn1tuog.facevideosc.com/\r\nCookie: parking_session=8228c80b-89e5-4555-a8cf-39fae73c8f98\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Thu, 04 Sep 2025 01:26:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 38577\r\nx-request-id: c8203d0a-6167-4e04-9deb-ad1bf6c56cad\r\nset-cookie: parking_session=8228c80b-89e5-4555-a8cf-39fae73c8f98; expires=Thu, 04 Sep 2025 01:41:27 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38577,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38574)","md5":"958df7937adfec9bc20b14b7fff891f8","sha1":"bd45611bceae0cdda0fb3c3b9445b6f0eed4995c","sha256":"40c39476fa8cec4a8d5eed23acc6c6a99d686b58eb16fff4ee199eac5f8f0619","sha512":"0586e20b3bdefe90612c16df0206fedcb048cb2bec475b01a32a3c94fabc13aaf90f44db2615bda3cf8f790ce6f063b6328b30c42f4ddc8d0f36c08ab5b1c256","ssdeep":"768:TP2y1o5VcJ7n85NdxBB5gPzGIPNMalnEE0xNE2X0Ddem+euROgvMzLXWI+6l8XOD:TualnEE0xNEGR+4M","tlshash":"98033ab23ab7e07046e2c5dae8779215f338214a3405c068f96cc8de3a5e947d73ab75","first_seen":"2025-08-25T22:40:35.311663Z","last_seen":"2025-10-15T16:11:44.232108Z","times_seen":35895,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"ww25.fp7sn1tuog.facevideosc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.68","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.fp7sn1tuog.facevideosc.com/","date":"2025-09-04T01:26:27.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:23:13 GMT","end":"Mon, 03 Nov 2025 19:23:12 GMT"},"fingerprint":{"sha1":"24:F3:A9:B9:32:0E:AB:CF:68:58:D1:69:62:DB:5E:10:0E:22:84:8E","sha256":"93:9D:6E:47:75:F3:0C:86:A2:05:DE:67:D1:CE:D6:ED:3B:EF:0E:2F:A6:35:DD:ED:FA:0E:C0:01:29:FB:69:41"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026bodis=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.fp7sn1tuog.facevideosc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Thu, 04 Sep 2025 01:26:27 GMT\r\nexpires: Thu, 04 Sep 2025 01:26:27 GMT\r\ncache-control: private, max-age=3600\r\netag: \"1576525523269613530\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":159600,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2943)","md5":"d60762b9059f1ae1e9599989fe6827d1","sha1":"2703df039cbea141df1291c1f986b4735801d284","sha256":"7defc980dbc4338276674794064b909dfca51df05cb0cd827c005628e1b9285c","sha512":"e1bed50512cdefb4dcb62dd24cbd189f5d2915fd8c4ba2cccf3caa4f597ba0614b8387006f0dc344f9495bcb60ef30ef7f3057ac8a235ffabf18d64d00fa9bf1","ssdeep":"3072:ax21p5LJKmsOnAm4sFATSaZUbzRdbHIf5Nc2:RqOn7FAVIzRdb6/","tlshash":"7bf33bcd77a1302253b3a4b4603f018fb139b865a84c88a4f199d8e47db4da94277fbd","first_seen":"2025-08-27T18:14:26.982259Z","last_seen":"2025-09-04T14:31:06.127568Z","times_seen":2158,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":134,"dns":1,"connect":20,"send":0,"wait":32,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}