| r11.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP 23.33.119.27:0 ASN #20940 Akamai International B.V.
Hash 30b3296d8601a98376f1d8d787e38d85 b0d3b4fd48e65b90925a60eaece214d4323d990d 600789f1a63878cf615548db70ebc5454666f4ccadd004c8b2c7b9cc75bff5e2
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "600789F1A63878CF615548DB70EBC5454666F4CCADD004C8B2C7B9CC75BFF5E2"
Last-Modified: Mon, 30 Sep 2024 15:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2673
Expires: Tue, 01 Oct 2024 20:01:31 GMT
Date: Tue, 01 Oct 2024 19:16:58 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP 23.33.119.57:0 ASN #20940 Akamai International B.V.
Hash 9e96f1dff1bb5e6784958d21556e4a06 d4cb719b5fe9714d59866434ca13c389776a09f3 01b80c0b028333e119cbc3799424875028f0548b6e95d94e7738874c59883c00
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "01B80C0B028333E119CBC3799424875028F0548B6E95D94E7738874C59883C00"
Last-Modified: Mon, 30 Sep 2024 16:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9640
Expires: Tue, 01 Oct 2024 21:57:38 GMT
Date: Tue, 01 Oct 2024 19:16:58 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP 23.33.119.57:0 ASN #20940 Akamai International B.V.
Hash a8901baef26e06d1c6a8d84e9cc7c99d 45039e57582ddc5f8ca1332f81326182633c5e39 a7d111d2a198a732c3607681e4045192bcbcff213cee531c0a90d349605d5306
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A7D111D2A198A732C3607681E4045192BCBCFF213CEE531C0A90D349605D5306"
Last-Modified: Mon, 30 Sep 2024 16:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9728
Expires: Tue, 01 Oct 2024 21:59:06 GMT
Date: Tue, 01 Oct 2024 19:16:58 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP 23.33.119.57:0 ASN #20940 Akamai International B.V.
Hash 280abd583680094ddddb480769f3f61b 26caab6dbbf50ba7442d0e3bd1c4a81b5e6d9236 8fc210d2f8ca54ae085b92a142cce3621730daf7a76e83076630e20d18f789cd
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8FC210D2F8CA54AE085B92A142CCE3621730DAF7A76E83076630E20D18F789CD"
Last-Modified: Tue, 01 Oct 2024 04:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5962
Expires: Tue, 01 Oct 2024 20:56:20 GMT
Date: Tue, 01 Oct 2024 19:16:58 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP 23.33.119.27:0 ASN #20940 Akamai International B.V.
Hash e94a29d79f60626a0c04bf5adecf2258 8b38a8959331a21f4c202c3d54139034eee6cb17 8b81e61732d078c1bc884788c489b7dc87984cd9079ce381046200eb1701f6e3
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8B81E61732D078C1BC884788C489B7DC87984CD9079CE381046200EB1701F6E3"
Last-Modified: Mon, 30 Sep 2024 17:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13258
Expires: Tue, 01 Oct 2024 22:57:57 GMT
Date: Tue, 01 Oct 2024 19:16:59 GMT
Connection: keep-alive
|
|
| ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 | 199.59.243.227 | 200 OK | 1.2 kB |
URL User Request GET HTTP/1.1 ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 IP 199.59.243.227:443
Certificate Issuer Let's Encrypt Subject ww25.lyxynyx.com Fingerprint F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA Validity Wed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File type HTML document, ASCII text, with very long lines (450) Hash 1a00306a1fd6956db96c4350ad3f85aa f4ea4dc59081e3df69e495ed4196fa9814cc9a40 4164aea2fec785b387a16fac7fd7e244fe93c6620c95278eda24915cbc95fe4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 01 Oct 2024 19:16:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1182
X-Request-Id: 29aaca56-58c7-4528-bf53-ef0f9f7fb5bc
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_AnjUuuCH3VvZe7+K/uRla3ESu5FdzRpFiFPs71esiaZ9sdLJFUrHCbPgYnqXHcR1DhAfG4jx7RmimVFcacLJIQ==
Set-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:31:59 GMT; path=/
Connection: close
|
|
| r11.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP 23.33.119.57:0 ASN #20940 Akamai International B.V.
Hash e02ce96999916d86ffd410fc876753f5 cb6bc34ba06c7f4c1f16e3519d23ccfdda8b3f8d 5ab6784e90ad72c024966d75a07a444ae7f880ae487be611925826dc71901d38
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5AB6784E90AD72C024966D75A07A444AE7F880AE487BE611925826DC71901D38"
Last-Modified: Mon, 30 Sep 2024 15:54:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Tue, 01 Oct 2024 20:27:02 GMT
Date: Tue, 01 Oct 2024 19:16:59 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.33.119.57 | | 504 B |
IP 23.33.119.57:0 ASN #20940 Akamai International B.V.
Hash 5e3f6fc68f86be07d377aea0e7496870 9d1005d0782906dfdfe4217125b907b86a22b530 c6309b6effe12dabaacc99df66e13fba72de8198e5bccf67198400576e3158da
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C6309B6EFFE12DABAACC99DF66E13FBA72DE8198E5BCCF67198400576E3158DA"
Last-Modified: Mon, 30 Sep 2024 16:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15005
Expires: Tue, 01 Oct 2024 23:27:04 GMT
Date: Tue, 01 Oct 2024 19:16:59 GMT
Connection: keep-alive
|
|
| ww25.lyxynyx.com/bYQRsykAs.js | 199.59.243.227 | 200 OK | 34 kB |
URL GET HTTP/1.1 ww25.lyxynyx.com/bYQRsykAs.js IP 199.59.243.227:443
Requested by https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Let's Encrypt Subject ww25.lyxynyx.com Fingerprint F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA Validity Wed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34190) Hash e2ec36d427fa4a992d76c0ee5e8dfd4d 47ec4ace4851c6c3a4fe23ad2c842885f6d973f2 36488e81afcbc4d7018b8764c18032b10be21aa45521c9671fde0cc77f70b2d8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bYQRsykAs.js HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50
Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 01 Oct 2024 19:16:59 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 34193
X-Request-Id: 9f5027d0-e29b-4bc1-8b61-a5c69fc80ec4
Set-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:31:59 GMT
Connection: close
|
|
| ww25.lyxynyx.com/_fd?subid1=20241002-0459-4368-8262-86ad75c14a50 | 199.59.243.227 | 200 OK | 5.7 kB |
URL POST HTTP/1.1 ww25.lyxynyx.com/_fd?subid1=20241002-0459-4368-8262-86ad75c14a50 IP 199.59.243.227:443
Requested by https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Let's Encrypt Subject ww25.lyxynyx.com Fingerprint F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA Validity Wed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File type ASCII text, with very long lines (5693), with no line terminators Hash 8279ef77329b186ef35df8f8e9027b8c 95e60329cbbc7d38b694e7e1faf8a38285cab6b0 0cd2353e02c3ae73007ce22113bf242c602019b66a6cd2ea0f11effbafa4ce2d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /_fd?subid1=20241002-0459-4368-8262-86ad75c14a50 HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50
Content-Type: application/json
Origin: https://ww25.lyxynyx.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 01 Oct 2024 19:16:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5693
X-Request-Id: 5a5b4bc1-e06e-40db-a6bc-91764f72e287
Set-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:31:59 GMT
Connection: close
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP 142.250.74.131:0
Hash 5bf2137247d2379eff75842658f0d939 a6958d374a4eab188f1f1334b4a33514d75fdf8e fd88b824c176afac0d0410a5839ec76e85de47eedd7fdc3c4a9c06c2ae3a485b
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Oct 2024 19:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/adsense/domains/caf.js?abp=1&bodis=true | 142.250.74.164 | 200 OK | 67 kB |
URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP 142.250.74.164:443
Requested by https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Google Trust Services Subject www.google.com Fingerprint A9:76:72:D7:78:A8:1B:25:A7:A2:91:29:BE:43:C3:76:64:C8:3C:67 Validity Mon, 26 Aug 2024 07:15:49 GMT - Mon, 18 Nov 2024 07:15:48 GMT
File type gzip compressed data, max compression Hash eaa0e543c00c592b7cbb3c91e831cde7 f5d9623b455169e730ea19f0f3d52c9ebce105ff 90312097a52b0ea8971192566e7d94e40227fd0935b257dc779f0b5c56cd7efc
GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 01 Oct 2024 19:16:59 GMT
expires: Tue, 01 Oct 2024 19:16:59 GMT
cache-control: private, max-age=3600
etag: "15659848927289336678"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash 2363956bdd7c6f2daf6c07f424af9a0b 95012e2aa8fb41a34bca8bb00d9da0de84f056e9 c49d3f4aa2f3c3839216788c84d8cb40d187d9a1cf49712f59d68263191fa4de
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Oct 2024 19:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash 0ff9b275ac544a84792117f0ff55daac 550688d56fa990cdd05d9a999e3784516c3fdc3c d0a06176c0ec257d5d868c8c33bd6ad26405475c5747afad22053c1474aa2e2b
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Oct 2024 19:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r11.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP 23.33.119.27:0 ASN #20940 Akamai International B.V.
Hash a89a3804008b9a8783344786e440c111 110f4d546bc339058fcf635a1b517cba6f6852c5 593fff197167891acdadab9e893fe1d07cdeb60b09d6ae5e96123a2818d1d4a0
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "593FFF197167891ACDADAB9E893FE1D07CDEB60B09D6AE5E96123A2818D1D4A0"
Last-Modified: Mon, 30 Sep 2024 16:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8563
Expires: Tue, 01 Oct 2024 21:39:43 GMT
Date: Tue, 01 Oct 2024 19:17:00 GMT
Connection: keep-alive
|
|
| syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108&format=r3&nocache=1241727810220071&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1727810220073&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=678245571&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50 | 172.217.21.174 | 200 OK | 2.8 kB |
URL GET HTTP/2 syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108&format=r3&nocache=1241727810220071&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1727810220073&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=678245571&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50 IP 172.217.21.174:443
Requested by https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Google Trust Services Subject syndicatedsearch.goog Fingerprint DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2 Validity Mon, 26 Aug 2024 07:24:40 GMT - Mon, 18 Nov 2024 07:24:39 GMT
File type HTML document, ASCII text, with very long lines (13195) Hash 75673a4468063cf0fa77fdacbcf5b44c bfdcf12aeea3c904e7323864b642b8a8c3d1bb03 3a84c98fd50fc880ae1caea0ce693e4a5254f18c0dbb45fd7181540e93e42557
GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108&format=r3&nocache=1241727810220071&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1727810220073&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=678245571&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Tue, 01 Oct 2024 19:17:00 GMT
expires: Tue, 01 Oct 2024 19:17:00 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-XzWxnXglyK3V96FqpHgLhw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash 0ff9b275ac544a84792117f0ff55daac 550688d56fa990cdd05d9a999e3784516c3fdc3c d0a06176c0ec257d5d868c8c33bd6ad26405475c5747afad22053c1474aa2e2b
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Oct 2024 19:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP 142.250.74.131:0
Hash 71b3577a6975159c240233c31375d689 45158107ebeed19e88e29304af8f16e13f2fa55d 8c40b282a30cd3d4e847d04374e318d8607b9b8662f7050d30313ccc7f679bc2
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Oct 2024 19:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b | 142.250.74.97 | 200 OK | 174 B |
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b IP 142.250.74.97:443
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108&format=r3&nocache=1241727810220071&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1727810220073&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=678245571&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Google Trust Services Subject *.googleusercontent.com Fingerprint 3F:8C:C0:AD:01:C9:F8:FA:75:FE:BA:A4:43:75:E4:C9:60:2C:CF:A6 Validity Mon, 26 Aug 2024 07:12:09 GMT - Mon, 18 Nov 2024 07:12:08 GMT
File type SVG Scalable Vector Graphics image Hash d47125b2ba92be53dcff07ba322ce1de e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28 5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Oct 2024 08:05:55 GMT
expires: Wed, 02 Oct 2024 07:05:55 GMT
cache-control: public, max-age=82800
age: 40265
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| syndicatedsearch.goog/adsense/domains/caf.js | 172.217.21.174 | 200 OK | 56 kB |
URL GET HTTP/3 syndicatedsearch.goog/adsense/domains/caf.js IP 172.217.21.174:443
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108&format=r3&nocache=1241727810220071&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1727810220073&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=678245571&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Google Trust Services Subject syndicatedsearch.goog Fingerprint DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2 Validity Mon, 26 Aug 2024 07:24:40 GMT - Mon, 18 Nov 2024 07:24:39 GMT
File type gzip compressed data, max compression Hash 86241e32682b9f56d5d41e03e39fcd9b 6753f44b0a11144698d41f66bb4db73940489b0e a3ccdf65b05a78199b955b6d1b69d2753fcee3e18cf07de6ade371b7064b5b38
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 01 Oct 2024 19:17:00 GMT
expires: Tue, 01 Oct 2024 19:17:00 GMT
cache-control: private, max-age=3600
etag: "8562013625026226936"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ww25.lyxynyx.com/_tr | 199.59.243.227 | 200 OK | 2 B |
IP 199.59.243.227:443
Requested by https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Let's Encrypt Subject ww25.lyxynyx.com Fingerprint F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA Validity Wed, 31 Jul 2024 15:00:58 GMT - Tue, 29 Oct 2024 15:00:57 GMT
File type ASCII text, with no line terminators Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /_tr HTTP/1.1
Host: ww25.lyxynyx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50
Content-Type: application/json
Content-Length: 1945
Origin: https://ww25.lyxynyx.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 01 Oct 2024 19:17:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
X-Request-Id: 201f6dcd-3d82-4212-886f-d67f622c8300
Set-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:32:00 GMT
Connection: close
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff | 142.250.74.97 | 200 OK | 278 B |
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff IP 142.250.74.97:443
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108&format=r3&nocache=1241727810220071&num=0&output=afd_ads&domain_name=ww25.lyxynyx.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1727810220073&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=678245571&rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50 Certificate Issuer Google Trust Services Subject *.googleusercontent.com Fingerprint 3F:8C:C0:AD:01:C9:F8:FA:75:FE:BA:A4:43:75:E4:C9:60:2C:CF:A6 Validity Mon, 26 Aug 2024 07:12:09 GMT - Mon, 18 Nov 2024 07:12:08 GMT
File type SVG Scalable Vector Graphics image Hash fe7dd8c3c629cc6e9cd6d3e4d3cbe905 59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18 5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Oct 2024 05:34:32 GMT
expires: Wed, 02 Oct 2024 04:34:32 GMT
cache-control: public, max-age=82800
age: 49348
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: 71b3577a6975159c240233c31375d689 45158107ebeed19e88e29304af8f16e13f2fa55d 8c40b282a30cd3d4e847d04374e318d8607b9b8662f7050d30313ccc7f679bc2
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Oct 2024 19:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r11.o.lencr.org/ | 23.33.119.27 | | 504 B |
IP: 23.33.119.27:0; ASN: #20940 Akamai International B.V.
Hash: 8effaf713ecfaf968a658e5727aa9938 2229078c48d23c1b17803a1e501bf6410c3522c9 672455d99075a4581ae850704b23720ba3b94691e1038b939a5165a3b274d7f9
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "672455D99075A4581AE850704B23720BA3B94691E1038B939A5165A3B274D7F9"
Last-Modified: Mon, 30 Sep 2024 15:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12097
Expires: Tue, 01 Oct 2024 22:38:38 GMT
Date: Tue, 01 Oct 2024 19:17:01 GMT
Connection: keep-alive
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=72kakxh7xgdo&aqid=rEr8ZtKZDsGtxdwP85HI4A0&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=678245571&csala=5%7C0%7C374%7C67%7C13&lle=0&ifv=1&hpt=0 | 172.217.21.174 | 204 No Content | 0 B |
URL: GET HTTP/3 syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=72kakxh7xgdo&aqid=rEr8ZtKZDsGtxdwP85HI4A0&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=678245571&csala=5%7C0%7C374%7C67%7C13&lle=0&ifv=1&hpt=0
IP: 172.217.21.174:443
Requested by: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50
Certificate: Issuer Google Trust Services; Subject syndicatedsearch.goog; Fingerprint DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2; Validity Mon, 26 Aug 2024 07:24:40 GMT - Mon, 18 Nov 2024 07:24:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=72kakxh7xgdo&aqid=rEr8ZtKZDsGtxdwP85HI4A0&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=678245571&csala=5%7C0%7C374%7C67%7C13&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-njJnnIn_1OIylT49eQxa8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 01 Oct 2024 19:17:02 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=2bv5rtfajbyc&aqid=rEr8ZtKZDsGtxdwP85HI4A0&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=678245571&csala=5%7C0%7C374%7C67%7C13&lle=0&ifv=1&hpt=0 | 172.217.21.174 | 204 No Content | 0 B |
URL: GET HTTP/3 syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=2bv5rtfajbyc&aqid=rEr8ZtKZDsGtxdwP85HI4A0&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=678245571&csala=5%7C0%7C374%7C67%7C13&lle=0&ifv=1&hpt=0
IP: 172.217.21.174:443
Requested by: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50
Certificate: Issuer Google Trust Services; Subject syndicatedsearch.goog; Fingerprint DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2; Validity Mon, 26 Aug 2024 07:24:40 GMT - Mon, 18 Nov 2024 07:24:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=2bv5rtfajbyc&aqid=rEr8ZtKZDsGtxdwP85HI4A0&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=678245571&csala=5%7C0%7C374%7C67%7C13&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww25.lyxynyx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-TDpab4EkzxjGcXAsxB_S8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 01 Oct 2024 19:17:02 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0; ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hash: 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-11-02-12-44-24.chain; p384ecdsa=Z0T6F7DJhXZgf08XOZi2xNByERijrtvhf26i7kR_fQfGgkU725r9-WEvAXCxlmb5XnhIcpf2Y2oYZspQUUt64waU9j2spRfqbJJ0M5GhSLRb5dbetXDs4kT89KAfAxxH
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Tue, 01 Oct 2024 19:17:10 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 8
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|