{"report_id":"e04ddaf0-d0c3-463f-b333-13e4ec185348","version":6,"status":"done","tags":[],"date":"2024-07-17T12:47:44Z","url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"199.59.243.226","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"title":"onion.casa"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:23:41Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2024-07-16 18:15:45","alert_count":0,"request_count":1,"received_data":201018,"sent_data":446,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-16 18:12:11","alert_count":0,"request_count":7,"received_data":6215,"sent_data":2289,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","ip":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":4,"received_data":42050,"sent_data":2266,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-07-16 18:31:26","alert_count":0,"request_count":8,"received_data":5595,"sent_data":2600,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2024-07-17 07:48:24","alert_count":0,"request_count":2,"received_data":169523,"sent_data":909,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":0,"first_seen":"2023-09-25 11:30:59","last_seen":"2024-07-17 07:01:53","alert_count":0,"request_count":4,"received_data":82861,"sent_data":3445,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":12123,"first_seen":"2013-05-06 21:11:00","last_seen":"2024-07-16 19:39:28","alert_count":0,"request_count":2,"received_data":2121,"sent_data":993,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-17T12:47:17Z","timestamp":1721220437,"ip_dst":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":57280,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious GET To gate.php with no Referer","source":"{\"timestamp\":\"2024-07-17T12:47:17.777943+0000\",\"flow_id\":2212315060878401,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":57280,\"dest_ip\":\"199.59.243.226\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2030802,\"rev\":1,\"signature\":\"ET HUNTING Suspicious GET To gate.php with no Referer\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2020_08_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_08_27\"]}},\"http\":{\"hostname\":\"ww25.u66p5mnhvxdbfupd.onion.casa\",\"url\":\"/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":778},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":745,\"bytes_toclient\":2188,\"start\":\"2024-07-17T12:47:17.703553+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"202431e9092bcff21d9033e910e318ce","sha1":"97280a743dd03ede6f62334c1223ba20435ae840","sha256":"95bc03b3524d80717fa6917cd0b795c749ae21318a8c6008cce26ebddaf65bc7","sha512":"438f70c8bd813cd884b38dac25b054f4ecd0edaccb6ecaf2fcbc67e8618cf0e3a893eb36e329384793299a2c4a3c4e1e5c852f095e01fa2a61256b7fd80225d9","ssdeep":"","tlshash":"58f00545687dec9c403e5c05963d9f4166e859a13154f794fe9000c7dc101cd94168bf","size":499,"data":"","first_seen":"2024-08-19T16:39:56.943689Z","last_seen":"2024-08-19T16:39:56.943689Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-17T12:47:17Z","timestamp":1721220437,"ip_dst":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.2","port":57280,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious GET To gate.php with no Referer","source":"{\"timestamp\":\"2024-07-17T12:47:17.777943+0000\",\"flow_id\":2212315060878401,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":57280,\"dest_ip\":\"199.59.243.226\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2030802,\"rev\":1,\"signature\":\"ET HUNTING Suspicious GET To gate.php with no Referer\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2020_08_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_08_27\"]}},\"http\":{\"hostname\":\"ww25.u66p5mnhvxdbfupd.onion.casa\",\"url\":\"/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":778},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":745,\"bytes_toclient\":2188,\"start\":\"2024-07-17T12:47:17.703553+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"314797f47d421b8a6ed100ea88e86c72","sha1":"8ac8e8e853e26d610d814dcc7a5f34b61fa0aa39","sha256":"74fc3ef2920b0582d191017dad0e8a145068ccb1406c395c7eaac4e7c1b4dd02","sha512":"a26597ec70d12cc80f9dd2da15231705b356f12e8c45e8d9ef3084bf8dceec8187857be94f6ca75d91f89db8366aed00eae91703a02426d84362a8564a6be6d7","ssdeep":"3072:t21UC7p2NelrPL/tX38XqXGTVKiS1ZXRM7:tG7lRL/3XosiSnXa7","tlshash":"06146dcdb2a5b022579394b0903f424fb23aec55e84985f8f089d4e5bcb4da84677f78","size":200175,"data":"","first_seen":"2024-07-10T19:09:58Z","last_seen":"2024-08-19T17:21:25.008566Z","times_seen":498,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:gr5xyIhZ6pQ/d/bTQcFeqZVxNnR36Hc9lDJlQC8dA9Sa5fLtUB5roNiEP:gr58IhZ6pg/bTXVx9t689fN8INtEONig","tlshash":"7ea1cd9b39e650310332bfe91bfaa559b22937605220c161be0c915b7399233d3e1bec","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-06T16:45:38.896244Z","times_seen":846419,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol312%2Cpid-bodis-gcontrol451%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe\u0026terms=Dark%20Internet%2CDeep%20Internet%2CDeep%20Internet%20Search%2CDark%20Web%20Websites%2COnion%20Websites%2COnion%20Site%20List\u0026kw=Dark%20Internet\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2508980667757858\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266\u0026format=r3\u0026nocache=3261721220438621\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.u66p5mnhvxdbfupd.onion.casa\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1721220438623\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=650230758\u0026rurl=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F2x2eq4nd3x3eq9%2Fgate.php0%3Fsubid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"156f8d6d0ec7d1d59a8f94852bb493ba","sha1":"82bd285311941312b54d0ee46b2b15ac5875b3c2","sha256":"c1b5628502a642e9fa501f2a19b41fae7fe1246a8df8623a80141b58601e128a","sha512":"9e6828f0b06adfed1cbea41636025008e960bf9887c24da3c1fcd8aaed858f4b3fb4a92f63f1f80fa0284e96bbc318949e293797875b69b419f4fade47bfccb5","ssdeep":"","tlshash":"9a01739a2c240232d96701212d5f3f91649d587132c7264de45eb8de307dfef57290bb","size":658,"data":"","first_seen":"2024-08-19T16:39:56.949958Z","last_seen":"2024-08-19T16:39:56.949958Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/bsGhBvqQK.js","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"54285d7f26ed4bc84ba79113426dcecb","sha1":"17dc89efec5df34a280459ffc0e27cb8467045ab","sha256":"b0754afe500a24201f740ed9c023d64483ca9183fa6361d759bb329462d25344","sha512":"88afabcad8dbb0f49cdea27c64783ec98ece295f139d50029d524950a5b40a7971f033529f7b60e5acdef5f0576bdcf107fa733bf439cc76693b654ebdd9a8df","ssdeep":"768:TP2yj8VcbMnnZNdxBB5gPi0f8rnaVG4xYEb0Ddem+euROvvMzLXWI+6Ch75BGJ21:En7rnSG4xYEzRLm","tlshash":"e9e22aa23af7e06046e2c6dae4775215f738620a3405c06cf96c88ce365ae47d73eb75","size":33929,"data":"","first_seen":"2024-06-14T17:19:41Z","last_seen":"2024-08-29T18:15:45.214816Z","times_seen":19107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-120516961-2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7e8750b4354954cd988cb0b174d3af4","sha1":"7a301256278e4683480bb5f5682c72c4eeb2eca8","sha256":"8f7790b0d639635287aca82e3af961cb7243934dbe7c41fd8c0b5e56f004f679","sha512":"a6666a32aec117a6206b994728fa0223679215874f9901226770c37c792ace15378990a03db24582d9c17d0dc39938e71a451ebc834a56d17f799f47acc30e9b","ssdeep":"3072:9Pp8eK1oK5pKn1V1033NbFod2ga27izCZO+uz1U6pLCX3m5:d2WK/Kn0dbFegz1U6pLCHa","tlshash":"7824f7d8b3d6b42683a36474507f014bb13a6dd2f80cdc94e285d4d92e74aaa427bf7c","size":211930,"data":"","first_seen":"2024-08-19T16:39:56.9165Z","last_seen":"2024-08-19T16:39:57.278954Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/sandbox%20eval%20code","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"69c02be3f74421ae2f1156f2b810e043a2c62b015ae7c402f00e003f2440fea4eee1e8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-06T16:45:38.896802Z","times_seen":848083,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-L1JLSM1P7J\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f3278e31b6bf4aa08234cade8e98f130","sha1":"b298b0681eebd00e917dd6364cc8a9cdaed4ab0c","sha256":"53b52eb0734d0d667b1b5659b6dfeb4560a594fd1c89df5b979d425134d729f2","sha512":"4d6ae4150b99e5244380657a69a2eed8729b58995c489a12591715cafcdceeefa17cf4d3ff81ee7d516bdf2408dfe58ee3ecad622c28724a0b90abf93f08c3c5","ssdeep":"6144:KS62WK/KnzXSv2FbFct8z1U6pLCIF1V0bX1bG:zzq2J1C","tlshash":"ab4419d973c6746683a2b478407f018ba57b6ce2b80ccc95f189c8e52e74a9a4177f7c","size":261296,"data":"","first_seen":"2024-08-19T16:39:56.918606Z","last_seen":"2024-08-19T16:39:57.501393Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"963bfa6829340c3f567cf66f55e31783","sha1":"ffde199c0f15e45ab91b8967dbd363c61f3e8d48","sha256":"abcf6e636ef05833611d88981dee8257f259cefe873d181c9c29268bcc0734f0","sha512":"0134e78ba61721bc6550ca077a9f865ba6915d8b080562f51fb69312d3598e1e1a502f496142c914cdf7c3b81a2a44ccfce8e1beb60ec95b3d318757d23eb282","ssdeep":"3072:721UC7p2NelrPL/tX38XqXGTVKiS1ZXRM7:7G7lRL/3XosiSnXa7","tlshash":"ea146dcdb2a5b022579394b0903f424fb23aec55e84985b8f089d4e5bcb4da84677f7c","size":200191,"data":"","first_seen":"2024-07-10T19:14:16Z","last_seen":"2024-08-19T17:21:24.20025Z","times_seen":336,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:17.030501023Z","timestamp":1721220437030,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"133266844822EA13F6D0FFC2EDA97A79E99CEA9EC4DEFEC2812CF4A86751283A\"\r\nLast-Modified: Mon, 15 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=14330\r\nExpires: Wed, 17 Jul 2024 16:46:07 GMT\r\nDate: Wed, 17 Jul 2024 12:47:17 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9fc6673328a72199efee32208e052486","sha1":"e3cd507761b95ae04da178d9b0da347fcaa5fce6","sha256":"133266844822ea13f6d0ffc2eda97a79e99cea9ec4defec2812cf4a86751283a","sha512":"18de0438f215e593d4e2f1bb76d94ad04b2967f9bb2a3aef8a777dd8b48b581e7edef286e4915a58ac8c010ada67fee4e6b7e6b15cc8af5be291080c88592089","ssdeep":"","tlshash":"92f07e8307b23c592b7c28277ca8ca9cad125a3c288028b220c113e26c88bba859000b","first_seen":"2024-07-15T23:07:47Z","last_seen":"2024-08-19T16:51:27.189912Z","times_seen":24082,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:17.042101158Z","timestamp":1721220437042,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4ACAF4113D4CDA75EDBBAE5D28E17DFFB959489CD6912B854C9E87A3AB50FD2\"\r\nLast-Modified: Mon, 15 Jul 2024 20:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5855\r\nExpires: Wed, 17 Jul 2024 14:24:52 GMT\r\nDate: Wed, 17 Jul 2024 12:47:17 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0ba28ae3ca920c46edf9c7a1f79db3ca","sha1":"b96f7bd71a6b1f9e08b5a0179c66553bf42875d2","sha256":"e4acaf4113d4cda75edbbae5d28e17dffb959489cd6912b854c9e87a3ab50fd2","sha512":"5937af32a6f0ff76e028428c60ef303493ddc882c065396afb650daf19c5cc2f4403724350cbd8cb89a07780f5c9dc7c9885c22cbef8d4cffa26efa396ea6892","ssdeep":"","tlshash":"d6f005511576fd21e57126199cddd91a2e7bdbf4244419f6306003f3d981bffd950d04","first_seen":"2024-07-16T00:32:15Z","last_seen":"2024-08-19T16:50:36.759672Z","times_seen":27562,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:17.432324194Z","timestamp":1721220437432,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A951EDC9FCE6D26583509ABA1A0D759172986DA854406DC2041F25DCA4EB6798\"\r\nLast-Modified: Mon, 15 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16297\r\nExpires: Wed, 17 Jul 2024 17:18:54 GMT\r\nDate: Wed, 17 Jul 2024 12:47:17 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c827d32609521c1e56829aac4640ab87","sha1":"f6721b2c6abc469be2b70d165a58c75d5637408d","sha256":"a951edc9fce6d26583509aba1a0d759172986da854406dc2041f25dca4eb6798","sha512":"02500521f2e5e787d1ead7f0ef3af3606b89efb0bad488293e2e36bf2cad3fbdc8896cbea14f8db1e0be428d80fbcc8ee291149e332399ae23e90450228a1a29","ssdeep":"","tlshash":"7af005530579ac7027a2112198e6e5485f11e594299176d4a4a05bd2b850faec1d4055","first_seen":"2024-07-16T02:32:54Z","last_seen":"2024-08-19T16:50:23.638036Z","times_seen":23210,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:17.673331374Z","timestamp":1721220437673,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E4E3975A941C93FDA56279B3918D81448B74CD06D2A2BD0280DBCF8E58712C1D\"\r\nLast-Modified: Mon, 15 Jul 2024 19:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15007\r\nExpires: Wed, 17 Jul 2024 16:57:24 GMT\r\nDate: Wed, 17 Jul 2024 12:47:17 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"d69acaa73161ea261cea420c9548c854","sha1":"1f7cab04c4264ca503bb3e2d8f1d838c226f35c2","sha256":"e4e3975a941c93fda56279b3918d81448b74cd06d2a2bd0280dbcf8e58712c1d","sha512":"4dd16d8d3f21a825b909dcce1868f395cff80c9ae6beab41af9501f63db71cfcfc3a6bd6ebcac649c8c2a1e34f2fb326894ec76ce2d041919fdb6a0e3cfc6645","ssdeep":"","tlshash":"39f005869dddfe9013b11a3a2df8e0407a207e9c24013ce128d442f3784479b55c4084","first_seen":"2024-07-15T23:12:50Z","last_seen":"2024-08-19T16:51:12.402895Z","times_seen":24412,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-17T12:47:17.705Z","timestamp":1721220437705,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe HTTP/1.1\r\nHost: ww25.u66p5mnhvxdbfupd.onion.casa\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Wed, 17 Jul 2024 12:47:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 1246\r\nx-request-id: 28c37c4a-953a-4b0a-81c1-9e7c3953077e\r\ncache-control: no-store, max-age=0\r\naccept-ch: sec-ch-prefers-color-scheme\r\ncritical-ch: sec-ch-prefers-color-scheme\r\nvary: sec-ch-prefers-color-scheme\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_qXCGig3kEN7YTR9eVJGAr+90WnrJoSKy4vnzKVpL9h/YgCPg9uBaZUJXpKDYEbnNFkBflQlCQ1dtarHvkM1SqQ==\r\nset-cookie: parking_session=28c37c4a-953a-4b0a-81c1-9e7c3953077e; expires=Wed, 17 Jul 2024 13:02:17 GMT; path=/\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1246,"size_decoded":1246,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (514)","md5":"2435bf8dd0dda1c630edf8d5fcf0ae1d","sha1":"50df545addf8ddc426a06e3cea30c6c78dda92aa","sha256":"5c66a70a8bab69640d968e0f7a1a92533e78a2155ea3b5749a118858c4246588","sha512":"c5825feb8d11ef4580c417eb843233ff66e0831a64406c452dea8b909e10c938a21f623937be40ac6ff7dce88e71b7763daea3abcea8ea703b0c09487e7ce61d","ssdeep":"","tlshash":"6b2187521876dc5c11b1494099b4eb088c5c2b997345bd80bde8d0bb9c802d1f42b9fe","first_seen":"2024-08-19T16:39:56.913653Z","last_seen":"2024-08-19T16:39:56.913653Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":0,"dns":2,"connect":1,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-17T12:47:17Z","timestamp":1721220437,"ip_dst":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.2","port":57280,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious GET To gate.php with no Referer","source":"{\"timestamp\":\"2024-07-17T12:47:17.777943+0000\",\"flow_id\":2212315060878401,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":57280,\"dest_ip\":\"199.59.243.226\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2030802,\"rev\":1,\"signature\":\"ET HUNTING Suspicious GET To gate.php with no Referer\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2020_08_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_08_27\"]}},\"http\":{\"hostname\":\"ww25.u66p5mnhvxdbfupd.onion.casa\",\"url\":\"/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":778},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":745,\"bytes_toclient\":2188,\"start\":\"2024-07-17T12:47:17.703553+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/bsGhBvqQK.js","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:18.078Z","timestamp":1721220438078,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bsGhBvqQK.js HTTP/1.1\r\nHost: ww25.u66p5mnhvxdbfupd.onion.casa\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe\r\nCookie: parking_session=28c37c4a-953a-4b0a-81c1-9e7c3953077e\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Wed, 17 Jul 2024 12:47:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 33929\r\nx-request-id: 085391dd-a3b5-4b5d-87e5-676b29bbead6\r\nset-cookie: parking_session=28c37c4a-953a-4b0a-81c1-9e7c3953077e; expires=Wed, 17 Jul 2024 13:02:18 GMT\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33929,"size_decoded":33929,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33926)","md5":"54285d7f26ed4bc84ba79113426dcecb","sha1":"17dc89efec5df34a280459ffc0e27cb8467045ab","sha256":"b0754afe500a24201f740ed9c023d64483ca9183fa6361d759bb329462d25344","sha512":"88afabcad8dbb0f49cdea27c64783ec98ece295f139d50029d524950a5b40a7971f033529f7b60e5acdef5f0576bdcf107fa733bf439cc76693b654ebdd9a8df","ssdeep":"768:TP2yj8VcbMnnZNdxBB5gPi0f8rnaVG4xYEb0Ddem+euROvvMzLXWI+6Ch75BGJ21:En7rnSG4xYEzRLm","tlshash":"e9e22aa23af7e06046e2c6dae4775215f738620a3405c06cf96c88ce365ae47d73eb75","first_seen":"2024-06-14T17:19:41Z","last_seen":"2024-08-29T18:15:45.214816Z","times_seen":19107,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/_fd?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:18.131Z","timestamp":1721220438131,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"POST /_fd?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe HTTP/1.1\r\nHost: ww25.u66p5mnhvxdbfupd.onion.casa\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe\r\nContent-Type: application/json\r\nOrigin: http://ww25.u66p5mnhvxdbfupd.onion.casa\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=28c37c4a-953a-4b0a-81c1-9e7c3953077e\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Wed, 17 Jul 2024 12:47:17 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 5361\r\nx-request-id: 38acff69-32a5-4a40-9ed6-34865fba6035\r\nset-cookie: parking_session=28c37c4a-953a-4b0a-81c1-9e7c3953077e; expires=Wed, 17 Jul 2024 13:02:18 GMT\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5361,"size_decoded":5361,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (5361), with no line terminators","md5":"eb5643529765dcdd9d7a9066c106d310","sha1":"47b69bbab1e62e577058d763b15c96e0264e5bcb","sha256":"a54e0f62e1636084beb6e78a2de774eaf23fb3c1188f908756d4e15ff553436c","sha512":"107e583bc218029d00cd570ba5d1aa2f05983708c44aeadc9e846b72e10d718446fcbc0d03246b87094120c8c13bea2f5ab58732bf12f958fa544317b7e72cc5","ssdeep":"96:N9MkSJqpI+fJfX4noPULGQwC7O3OpEXSpXa43tvXChMH:c/MJJfX4ncS/7O+pEXSk43tv6k","tlshash":"edb1a5fa8a083a5ecb43450371df06ea470e93af36ba616d055fda85864850f79e0337","first_seen":"2024-08-19T16:39:56.914995Z","last_seen":"2024-08-19T16:39:56.914995Z","times_seen":1,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:18.321349045Z","timestamp":1721220438321,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:18 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"65c966c20a252778c3ca387d069e3545","sha1":"db7917f65537cb57430b6164d259928aa3f214d5","sha256":"5cf69637bd5fc7e50be850a48ba99fa92af4fa2b31f638bc996cdbd8127218a2","sha512":"50a45c9fec555ba893d61896a680103caa24930bc23b129e50dd69f0b4fdff8642ed8b13e6c94d1ec24ffcb7c22f07ad65bca1a75b3cd6e5dc18dd46cd41a9dd","ssdeep":"","tlshash":"54f0545801575c618e23d87027c0f4bf3c209448054fe033812404c4596dbcf920d2b7","first_seen":"2024-07-16T18:07:13Z","last_seen":"2024-08-19T16:45:45.652299Z","times_seen":795,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-120516961-2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:18.244Z","timestamp":1721220438244,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 06:35:05 GMT","end":"Mon, 16 Sep 2024 06:35:04 GMT"},"fingerprint":{"sha1":"B3:23:88:EF:34:69:5A:0C:81:CE:02:E2:E3:19:FE:95:71:75:A1:14","sha256":"BD:E2:9D:89:16:54:53:AB:33:EB:BE:86:F8:8D:33:2D:41:B8:04:D4:2E:92:A8:63:A0:2E:4D:A2:B5:35:37:16"}}},"request":{"raw":"GET /gtag/js?id=UA-120516961-2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 17 Jul 2024 12:47:18 GMT\r\nexpires: Wed, 17 Jul 2024 12:47:18 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Wed, 17 Jul 2024 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 76385\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":76385,"size_decoded":211930,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4179)","md5":"d7e8750b4354954cd988cb0b174d3af4","sha1":"7a301256278e4683480bb5f5682c72c4eeb2eca8","sha256":"8f7790b0d639635287aca82e3af961cb7243934dbe7c41fd8c0b5e56f004f679","sha512":"a6666a32aec117a6206b994728fa0223679215874f9901226770c37c792ace15378990a03db24582d9c17d0dc39938e71a451ebc834a56d17f799f47acc30e9b","ssdeep":"3072:9Pp8eK1oK5pKn1V1033NbFod2ga27izCZO+uz1U6pLCX3m5:d2WK/Kn0dbFegz1U6pLCHa","tlshash":"7824f7d8b3d6b42683a36474507f014bb13a6dd2f80cdc94e285d4d92e74aaa427bf7c","first_seen":"2024-08-19T16:39:56.9165Z","last_seen":"2024-08-19T16:39:57.278954Z","times_seen":3,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":79,"dns":0,"connect":20,"send":0,"wait":22,"receive":15,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:18.503389444Z","timestamp":1721220438503,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:18 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"b5c36cbd6f36353f8855a38a59619f6a","sha1":"0cf7e19284df0c2f4eef61b8cc6ef826aea289c9","sha256":"3eb126da9e67784761ffbd75279cb007c556b92a49789ecf36bc60d52daf10a7","sha512":"ebb7e913e1a2e92aea9603b199b440908d4e6ca1a4874840a9ae74a362cb5954b3af9727c3718dc63a12b0161cb764c203c6b75a3d3e63c3c327907344d19ff7","ssdeep":"","tlshash":"e8f0d4ddb43c1d622e058560399440dd3a709a8808965c9620e817c1456f3eaf711373","first_seen":"2024-07-16T18:01:14Z","last_seen":"2024-08-19T16:46:02.294254Z","times_seen":790,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:18.51264353Z","timestamp":1721220438512,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:18 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"65c966c20a252778c3ca387d069e3545","sha1":"db7917f65537cb57430b6164d259928aa3f214d5","sha256":"5cf69637bd5fc7e50be850a48ba99fa92af4fa2b31f638bc996cdbd8127218a2","sha512":"50a45c9fec555ba893d61896a680103caa24930bc23b129e50dd69f0b4fdff8642ed8b13e6c94d1ec24ffcb7c22f07ad65bca1a75b3cd6e5dc18dd46cd41a9dd","ssdeep":"","tlshash":"54f0545801575c618e23d87027c0f4bf3c209448054fe033812404c4596dbcf920d2b7","first_seen":"2024-07-16T18:07:13Z","last_seen":"2024-08-19T16:45:45.652299Z","times_seen":795,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:18.612744755Z","timestamp":1721220438612,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:18 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"68cbeb97362cb1fd193bcaff349ec599","sha1":"6e5ced18d57cda5f43a5122f211e7b474b918a26","sha256":"086654872a2fb046f370443097a824463ff74d51cc27f5e6ab740c7c50d3d03c","sha512":"9029ef8b562140d18f1b6773be431e92b9ed25feb4b6d926928bef0e227135d93822e462fa7ce0c0fb0842163d0723ddad994c4825f3184337093f84b1761f3f","ssdeep":"","tlshash":"87f02b546bf33c175d0354507ffcf5bd7430d055469d140a512571cadd8620b501d7d7","first_seen":"2024-07-16T18:11:20Z","last_seen":"2024-08-19T16:46:02.35804Z","times_seen":810,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-L1JLSM1P7J\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:18.71812043Z","timestamp":1721220438718,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 06:35:05 GMT","end":"Mon, 16 Sep 2024 06:35:04 GMT"},"fingerprint":{"sha1":"B3:23:88:EF:34:69:5A:0C:81:CE:02:E2:E3:19:FE:95:71:75:A1:14","sha256":"BD:E2:9D:89:16:54:53:AB:33:EB:BE:86:F8:8D:33:2D:41:B8:04:D4:2E:92:A8:63:A0:2E:4D:A2:B5:35:37:16"}}},"request":{"raw":"GET /gtag/js?id=G-L1JLSM1P7J\u0026l=dataLayer\u0026cx=c HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 17 Jul 2024 12:47:18 GMT\r\nexpires: Wed, 17 Jul 2024 12:47:18 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 91910\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":91910,"size_decoded":261296,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5945)","md5":"f3278e31b6bf4aa08234cade8e98f130","sha1":"b298b0681eebd00e917dd6364cc8a9cdaed4ab0c","sha256":"53b52eb0734d0d667b1b5659b6dfeb4560a594fd1c89df5b979d425134d729f2","sha512":"4d6ae4150b99e5244380657a69a2eed8729b58995c489a12591715cafcdceeefa17cf4d3ff81ee7d516bdf2408dfe58ee3ecad622c28724a0b90abf93f08c3c5","ssdeep":"6144:KS62WK/KnzXSv2FbFct8z1U6pLCIF1V0bX1bG:zzq2J1C","tlshash":"ab4419d973c6746683a2b478407f018ba57b6ce2b80ccc95f189c8e52e74a9a4177f7c","first_seen":"2024-08-19T16:39:56.918606Z","last_seen":"2024-08-19T16:39:57.501393Z","times_seen":2,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:18.719729828Z","timestamp":1721220438719,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:18 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"41a0047fd429b5537ab97db943ef1b3c","sha1":"41e670d05b859cb51fba32bfbe348c1bd1190b77","sha256":"4ae693eb29ef9f8fb8ca5cfd7dba25725d124604d2ed1d380f7e236bddd2d09f","sha512":"a5020e5c72ad791c7716c494a4ddcaf95790308d237dd1b6a49047c0a0227cc6184fb07f66bb8dc6b3f0a636747914fcb2fb3cc763ab5277156c45a3153210d2","ssdeep":"","tlshash":"8bf0dc9a06b86fc1dd1654302aecb4f9ad242b1006ca458c407591e1ac86bbf168e22a","first_seen":"2024-07-16T19:13:30Z","last_seen":"2024-08-19T16:45:20.562467Z","times_seen":428,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol312%2Cpid-bodis-gcontrol451%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe\u0026terms=Dark%20Internet%2CDeep%20Internet%2CDeep%20Internet%20Search%2CDark%20Web%20Websites%2COnion%20Websites%2COnion%20Site%20List\u0026kw=Dark%20Internet\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2508980667757858\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266\u0026format=r3\u0026nocache=3261721220438621\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.u66p5mnhvxdbfupd.onion.casa\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1721220438623\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=650230758\u0026rurl=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F2x2eq4nd3x3eq9%2Fgate.php0%3Fsubid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:18.639Z","timestamp":1721220438639,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:54:13 GMT","end":"Mon, 16 Sep 2024 07:54:12 GMT"},"fingerprint":{"sha1":"C4:40:78:7E:BF:F4:0A:6A:4C:F0:04:5E:14:5D:12:24:2E:CB:6A:56","sha256":"37:78:51:A2:80:7E:94:63:E3:6A:1B:2E:6E:F8:FC:87:0B:12:56:EA:4A:EE:02:8F:C3:87:1E:1B:52:CE:86:6C"}}},"request":{"raw":"GET /afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol312%2Cpid-bodis-gcontrol451%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe\u0026terms=Dark%20Internet%2CDeep%20Internet%2CDeep%20Internet%20Search%2CDark%20Web%20Websites%2COnion%20Websites%2COnion%20Site%20List\u0026kw=Dark%20Internet\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2508980667757858\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266\u0026format=r3\u0026nocache=3261721220438621\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.u66p5mnhvxdbfupd.onion.casa\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1721220438623\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=650230758\u0026rurl=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F2x2eq4nd3x3eq9%2Fgate.php0%3Fsubid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Wed, 17 Jul 2024 12:47:18 GMT\r\nexpires: Wed, 17 Jul 2024 12:47:18 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-KsDO3maBXZjND5_PQAI6fw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 2641\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2641,"size_decoded":13923,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (13320)","md5":"a457b1944751f5cf30f48c76d8cf092a","sha1":"986e1984dc8b0d0dcf932036c4105d8607f42cea","sha256":"69a224c18792e9b7dfa647ee1ec98d2297c736017ad716fdf0db1504ed59385a","sha512":"09bb52a9c81020c6a458d8e451c68638117ae253a5fa3ccaef5966b699e6067285375e0db4ad9b3ef0b1878dfdf478a0e1ead9e38211f92250715b417d179ab6","ssdeep":"96:GE/yk2iwlb5lphMzwronSc90IMvm0yEM6vfNYrW9Ek9HqMwDCiw9WDUF6MwDgTwo:GE12ikpgn9+m0yEMcfWrnI3R111skv","tlshash":"a1523337706227291507dc541b296f6dd181d53ac46b32e848e35f26c7ebf828fe628e","first_seen":"2024-08-19T16:39:56.920085Z","last_seen":"2024-08-19T16:39:56.920085Z","times_seen":1,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":80,"dns":1,"connect":20,"send":0,"wait":143,"receive":4,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:18.951618677Z","timestamp":1721220438951,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:18 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"41a0047fd429b5537ab97db943ef1b3c","sha1":"41e670d05b859cb51fba32bfbe348c1bd1190b77","sha256":"4ae693eb29ef9f8fb8ca5cfd7dba25725d124604d2ed1d380f7e236bddd2d09f","sha512":"a5020e5c72ad791c7716c494a4ddcaf95790308d237dd1b6a49047c0a0227cc6184fb07f66bb8dc6b3f0a636747914fcb2fb3cc763ab5277156c45a3153210d2","ssdeep":"","tlshash":"8bf0dc9a06b86fc1dd1654302aecb4f9ad242b1006ca458c407591e1ac86bbf168e22a","first_seen":"2024-07-16T19:13:30Z","last_seen":"2024-08-19T16:45:20.562467Z","times_seen":428,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww25.u66p5mnhvxdbfupd.onion.casa/_tr","fqdn":"ww25.u66p5mnhvxdbfupd.onion.casa","domain":"onion.casa","tld":"casa"},"ip":{"addr":"199.59.243.226","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:19.116Z","timestamp":1721220439116,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"POST /_tr HTTP/1.1\r\nHost: ww25.u66p5mnhvxdbfupd.onion.casa\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe\r\nContent-Type: application/json\r\nContent-Length: 2133\r\nOrigin: http://ww25.u66p5mnhvxdbfupd.onion.casa\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=28c37c4a-953a-4b0a-81c1-9e7c3953077e; _ga_L1JLSM1P7J=GS1.1.1721220438.1.0.1721220438.0.0.0; _ga=GA1.1.487110558.1721220439\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Wed, 17 Jul 2024 12:47:18 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2\r\nx-request-id: 09dd296a-bc54-42ae-90a9-dbc05f73fd96\r\nset-cookie: parking_session=28c37c4a-953a-4b0a-81c1-9e7c3953077e; expires=Wed, 17 Jul 2024 13:02:19 GMT\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":2,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-06T15:45:58.798006Z","times_seen":406736,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:19.160276745Z","timestamp":1721220439160,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:19 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"56f9f417c1cf8a5545a1030146b83dc0","sha1":"e9935575877ba175a9d0443b3dc454ffd659ed19","sha256":"ebde9a601dcb2c80e57679fbbe60752bed3c0f395b107d566c0303cea69950df","sha512":"fb582f73bee35bd06f1f0f61bf1661fc22db2ccdc4aaf0aa8fcf2b6272c7aff146640acbb7dfeefdbe5fa20b5aaeab75f8a4f301c8a462bd6574ddb94c08d26e","ssdeep":"","tlshash":"ddf05c0842b238e10cab88206ae8cc68b820af98401608aa303902934800bca8a8b62d","first_seen":"2024-07-16T18:11:21Z","last_seen":"2024-08-19T16:45:43.517177Z","times_seen":616,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol312%2Cpid-bodis-gcontrol451%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe\u0026terms=Dark%20Internet%2CDeep%20Internet%2CDeep%20Internet%20Search%2CDark%20Web%20Websites%2COnion%20Websites%2COnion%20Site%20List\u0026kw=Dark%20Internet\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2508980667757858\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266\u0026format=r3\u0026nocache=3261721220438621\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.u66p5mnhvxdbfupd.onion.casa\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1721220438623\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=650230758\u0026rurl=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F2x2eq4nd3x3eq9%2Fgate.php0%3Fsubid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:19.108Z","timestamp":1721220439108,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:37:56 GMT","end":"Mon, 16 Sep 2024 07:37:55 GMT"},"fingerprint":{"sha1":"7C:4C:89:9D:C0:52:5F:36:7E:51:89:B8:F3:71:B4:81:B3:DF:6F:73","sha256":"61:53:22:E3:2B:E7:7B:AB:69:98:05:CE:24:F1:9F:6A:6C:BB:02:9D:02:B1:1F:18:80:61:26:AD:71:91:5D:65"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 278\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 16 Jul 2024 23:53:18 GMT\r\nexpires: Wed, 17 Jul 2024 22:53:18 GMT\r\ncache-control: public, max-age=82800\r\nage: 46441\r\nlast-modified: Tue, 27 Jun 2023 17:28:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":278,"size_decoded":444,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fe7dd8c3c629cc6e9cd6d3e4d3cbe905","sha1":"59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18","sha256":"5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e","sha512":"1c663e07978d95c838aed54421a9c725d7311b8c002f436b30555affb26c25f6ebecff6af5c54ef112370a36a5f5aadf611304bffe76a59fb3d206e943cf153f","ssdeep":"","tlshash":"eff055bcd2ad4914a608c7017ef8a5174066f0c563cc01ceee81ac69f0614e43a63ade","first_seen":"2023-04-07T08:14:08Z","last_seen":"2026-05-03T16:41:57.827597Z","times_seen":69546,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":53,"dns":1,"connect":7,"send":0,"wait":20,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol312%2Cpid-bodis-gcontrol451%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe\u0026terms=Dark%20Internet%2CDeep%20Internet%2CDeep%20Internet%20Search%2CDark%20Web%20Websites%2COnion%20Websites%2COnion%20Site%20List\u0026kw=Dark%20Internet\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2508980667757858\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266\u0026format=r3\u0026nocache=3261721220438621\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.u66p5mnhvxdbfupd.onion.casa\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1721220438623\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=650230758\u0026rurl=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F2x2eq4nd3x3eq9%2Fgate.php0%3Fsubid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:18.940Z","timestamp":1721220438940,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:54:13 GMT","end":"Mon, 16 Sep 2024 07:54:12 GMT"},"fingerprint":{"sha1":"C4:40:78:7E:BF:F4:0A:6A:4C:F0:04:5E:14:5D:12:24:2E:CB:6A:56","sha256":"37:78:51:A2:80:7E:94:63:E3:6A:1B:2E:6E:F8:FC:87:0B:12:56:EA:4A:EE:02:8F:C3:87:1E:1B:52:CE:86:6C"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Wed, 17 Jul 2024 12:47:18 GMT\r\nexpires: Wed, 17 Jul 2024 12:47:18 GMT\r\ncache-control: private, max-age=3600\r\netag: \"7913296394241002668\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":77281,"size_decoded":200391,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2250)","md5":"4223ad924c068bac9e3b4abc4f30a4e3","sha1":"536378ce402a83e557e2af382586055d77d5b05c","sha256":"ac2f0579d0d49526e161585570229092ef26bdda53b81ed113967816c7f193d1","sha512":"b355701e4e277ee45731abc8525e76ef676bf953734262cd820b6c6588868d4dfa4ff8772e5100ec4b65fe031dc81330f5246a7c1229c6e364a90fe93b9e4d8c","ssdeep":"3072:721UC7p2NelrPL/tX38XqXGTVKiS1ZXRM1:7G7lRL/3XosiSnXa1","tlshash":"50146dcdb2a5b022579394b0903f424fb23aec55e84985f8f089d4e5bcb4da84677f78","first_seen":"2024-07-15T21:05:04Z","last_seen":"2024-08-19T16:51:52.193874Z","times_seen":5,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:19.462709904Z","timestamp":1721220439462,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 17 Jul 2024 12:47:19 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"56f9f417c1cf8a5545a1030146b83dc0","sha1":"e9935575877ba175a9d0443b3dc454ffd659ed19","sha256":"ebde9a601dcb2c80e57679fbbe60752bed3c0f395b107d566c0303cea69950df","sha512":"fb582f73bee35bd06f1f0f61bf1661fc22db2ccdc4aaf0aa8fcf2b6272c7aff146640acbb7dfeefdbe5fa20b5aaeab75f8a4f301c8a462bd6574ddb94c08d26e","ssdeep":"","tlshash":"ddf05c0842b238e10cab88206ae8cc68b820af98401608aa303902934800bca8a8b62d","first_seen":"2024-07-16T18:11:21Z","last_seen":"2024-08-19T16:45:43.517177Z","times_seen":616,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:19.66064913Z","timestamp":1721220439660,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20019\r\nExpires: Wed, 17 Jul 2024 18:20:58 GMT\r\nDate: Wed, 17 Jul 2024 12:47:19 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:19.662989367Z","timestamp":1721220439662,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20019\r\nExpires: Wed, 17 Jul 2024 18:20:58 GMT\r\nDate: Wed, 17 Jul 2024 12:47:19 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-17T12:47:19.664475772Z","timestamp":1721220439664,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"806921E95846539E7849756068C5AFCD2FB93D1CCBB7604B5D8D18805538FAF5\"\r\nLast-Modified: Mon, 15 Jul 2024 20:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=20019\r\nExpires: Wed, 17 Jul 2024 18:20:58 GMT\r\nDate: Wed, 17 Jul 2024 12:47:19 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c5fe3e5860e9afb843ae32b8f349f4c7","sha1":"78e8faf3194e82bcb4fed0d89bd1989501dd8d2a","sha256":"806921e95846539e7849756068c5afcd2fb93d1ccbb7604b5d8d18805538faf5","sha512":"1e80d291789f67623d0eb9439be426d1cc104dad8ef2b8232867acbf54cf674da7b86e8f38445b6daf1ed41fa274d5a200b7f506de746d664ed6bc5dcbf98718","ssdeep":"","tlshash":"0ef005c314d3fdc16a5235067cd5d13c1e177eb930c648d435a401c37c51faa92c444c","first_seen":"2024-07-16T00:27:25Z","last_seen":"2024-08-19T16:50:37.2767Z","times_seen":25480,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=pb4oiceroyb\u0026aqid=Vr2XZs3ZMKOrxdwP18uf0AY\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=650230758\u0026csala=4%7C0%7C333%7C99%7C20\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:20.580Z","timestamp":1721220440580,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:54:13 GMT","end":"Mon, 16 Sep 2024 07:54:12 GMT"},"fingerprint":{"sha1":"C4:40:78:7E:BF:F4:0A:6A:4C:F0:04:5E:14:5D:12:24:2E:CB:6A:56","sha256":"37:78:51:A2:80:7E:94:63:E3:6A:1B:2E:6E:F8:FC:87:0B:12:56:EA:4A:EE:02:8F:C3:87:1E:1B:52:CE:86:6C"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=pb4oiceroyb\u0026aqid=Vr2XZs3ZMKOrxdwP18uf0AY\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=650230758\u0026csala=4%7C0%7C333%7C99%7C20\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-7fARu6Rlg_3A7nrCZnDGFQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 17 Jul 2024 12:47:20 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T16:45:41.565486Z","times_seen":14744586,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=kmkx3o161oxo\u0026aqid=Vr2XZs3ZMKOrxdwP18uf0AY\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=650230758\u0026csala=4%7C0%7C333%7C99%7C20\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:21.082Z","timestamp":1721220441082,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:54:13 GMT","end":"Mon, 16 Sep 2024 07:54:12 GMT"},"fingerprint":{"sha1":"C4:40:78:7E:BF:F4:0A:6A:4C:F0:04:5E:14:5D:12:24:2E:CB:6A:56","sha256":"37:78:51:A2:80:7E:94:63:E3:6A:1B:2E:6E:F8:FC:87:0B:12:56:EA:4A:EE:02:8F:C3:87:1E:1B:52:CE:86:6C"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=kmkx3o161oxo\u0026aqid=Vr2XZs3ZMKOrxdwP18uf0AY\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=650230758\u0026csala=4%7C0%7C333%7C99%7C20\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-sDhYq-Z-gm6GIsZKap_pTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Wed, 17 Jul 2024 12:47:21 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T16:45:41.565486Z","times_seen":14744586,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww25.u66p5mnhvxdbfupd.onion.casa/2x2eq4nd3x3eq9/gate.php0?subid1=20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:18.344Z","timestamp":1721220438344,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:42:34 GMT","end":"Mon, 16 Sep 2024 07:42:33 GMT"},"fingerprint":{"sha1":"8C:C2:35:30:95:5A:AF:BF:64:28:C5:B3:AD:C4:92:7D:9F:BF:E7:DA","sha256":"F2:42:9C:D3:51:A7:3D:C2:76:8C:18:D7:75:08:0E:97:74:E2:F6:86:85:0A:F6:9B:93:8C:E0:76:78:FA:54:6A"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026bodis=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww25.u66p5mnhvxdbfupd.onion.casa/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Wed, 17 Jul 2024 12:47:18 GMT\r\nexpires: Wed, 17 Jul 2024 12:47:18 GMT\r\ncache-control: private, max-age=3600\r\netag: \"2614863949395895234\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200175,"size_decoded":200175,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2250)","md5":"314797f47d421b8a6ed100ea88e86c72","sha1":"8ac8e8e853e26d610d814dcc7a5f34b61fa0aa39","sha256":"74fc3ef2920b0582d191017dad0e8a145068ccb1406c395c7eaac4e7c1b4dd02","sha512":"a26597ec70d12cc80f9dd2da15231705b356f12e8c45e8d9ef3084bf8dceec8187857be94f6ca75d91f89db8366aed00eae91703a02426d84362a8564a6be6d7","ssdeep":"3072:t21UC7p2NelrPL/tX38XqXGTVKiS1ZXRM7:tG7lRL/3XosiSnXa7","tlshash":"06146dcdb2a5b022579394b0903f424fb23aec55e84985f8f089d4e5bcb4da84677f78","first_seen":"2024-07-10T19:09:58Z","last_seen":"2024-08-19T17:21:25.008566Z","times_seen":498,"resource_available":true,"data":null}},"time_used":397,"timings":{"blocked":160,"dns":5,"connect":21,"send":0,"wait":34,"receive":37,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol312%2Cpid-bodis-gcontrol451%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe\u0026terms=Dark%20Internet%2CDeep%20Internet%2CDeep%20Internet%20Search%2CDark%20Web%20Websites%2COnion%20Websites%2COnion%20Site%20List\u0026kw=Dark%20Internet\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2508980667757858\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266\u0026format=r3\u0026nocache=3261721220438621\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.u66p5mnhvxdbfupd.onion.casa\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1721220438623\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=650230758\u0026rurl=http%3A%2F%2Fww25.u66p5mnhvxdbfupd.onion.casa%2F2x2eq4nd3x3eq9%2Fgate.php0%3Fsubid1%3D20240717-2246-3935-b5d8-dc41b5ebbbbe","date":"2024-07-17T12:47:19.110Z","timestamp":1721220439110,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Jun 2024 07:37:56 GMT","end":"Mon, 16 Sep 2024 07:37:55 GMT"},"fingerprint":{"sha1":"7C:4C:89:9D:C0:52:5F:36:7E:51:89:B8:F3:71:B4:81:B3:DF:6F:73","sha256":"61:53:22:E3:2B:E7:7B:AB:69:98:05:CE:24:F1:9F:6A:6C:BB:02:9D:02:B1:1F:18:80:61:26:AD:71:91:5D:65"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jul 2024 12:00:50 GMT\r\nexpires: Thu, 18 Jul 2024 11:00:50 GMT\r\ncache-control: public, max-age=82800\r\nage: 2789\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":200,"size_decoded":200,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e81eb30a6c5589e7f39436e40b400822","sha1":"ca2513ede010b3db00099335b809ca693c2cd65c","sha256":"055ae1fef3be182534069c718e2dc0ab07d7464bcc3ded19553da07d37333657","sha512":"fb8b473ee7c7165fa72244ba321a554f68dcafab59721806ab6a2a7e3c90cf598d430d7cd01e9221eca87e5b46f0d64742f71249db1a1612f38ebecb1cf16d30","ssdeep":"","tlshash":"0dd022a6e60aec3a480cc2a0cf7c80b111eb70e835c501dcac918b0532285bf3083978","first_seen":"2023-04-30T18:08:53Z","last_seen":"2025-04-06T22:19:00.55069Z","times_seen":9176,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":59,"dns":2,"connect":21,"send":0,"wait":16,"receive":2,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}