{"report_id":"edabcb06-ab51-4a61-aa8b-8c1c20fc6c20","version":6,"status":"done","tags":[],"date":"2024-10-01T19:17:24Z","url":{"schema":"http","addr":"ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"ip":{"addr":"199.59.243.227","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"title":"lyxynyx.com"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-13T10:45:54Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2024-09-30 04:32:43","alert_count":0,"request_count":1,"received_data":67528,"sent_data":429,"comment":"","tags":null,"fingerprints":null},{"fqdn":"syndicatedsearch.goog","ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":0,"first_seen":"2023-09-25 11:30:59","last_seen":"2024-10-01 06:31:50","alert_count":0,"request_count":4,"received_data":61420,"sent_data":3198,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afs.googleusercontent.com","ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":12123,"first_seen":"2013-05-06 21:11:00","last_seen":"2024-10-01 07:32:48","alert_count":0,"request_count":2,"received_data":2094,"sent_data":991,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aus5.mozilla.org","ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"1998-01-24","domain_rank":2548,"first_seen":"2015-10-27 08:06:24","last_seen":"2024-09-30 18:12:37","alert_count":0,"request_count":1,"received_data":1217,"sent_data":512,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-30 18:12:04","alert_count":0,"request_count":5,"received_data":4437,"sent_data":1635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-30 18:12:17","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ww25.lyxynyx.com","ip":{"addr":"199.59.243.227","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-12-14","domain_rank":0,"first_seen":"2023-12-15 10:16:18","last_seen":"2024-09-26 19:08:09","alert_count":4,"request_count":4,"received_data":42658,"sent_data":2303,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-09-30 18:17:06","alert_count":0,"request_count":6,"received_data":4197,"sent_data":1950,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8e117e57b074305a5be0f970cfc15d7","sha1":"90cfe97f30817be47aff8c418c29745dd871cd72","sha256":"20ad61ebb112173ada6ac94516a8902133fb1c59a3aa5c5c886fabfbbc005e85","sha512":"fe2e5880d3bcb267b3602757bfdff7e94b31dd5ab8dedb9190f32bc7f7431e659783d03e2749f073d2ab7d7d3a8aab4bf423834aa3305ef68933477aba9753a1","ssdeep":"1536:bni6+zNKofjr9PyfpK7fDH+7pSU6GZvu85pistHWvR3+2xwHzgmcfpUWgQABuucP:7qM7vptHWpu22H9dBuDj3dmChm9Abj","tlshash":"12e35cdd77a5302253a394b4603f118fb13af895e80889b4b198c4e47cb8da95277fbd","size":153197,"data":"","first_seen":"2024-09-26T22:18:35Z","last_seen":"2024-10-04T11:29:48.875918Z","times_seen":235,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3\u0026nocache=1241727810220071\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.lyxynyx.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1727810220073\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=678245571\u0026rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"38790b9856cc042d4da379d48ec7b601","sha1":"18b5a61d0236155b0aedc940674639d496a29f22","sha256":"53bb47b39653fc74a1326e8d0afa96fab8f337c2749bbce8fc5994fec616fb93","sha512":"3a57a5c6b5fd8f822ff4fcd6d4407123df0c0d1d01839f32bb176ff722762966e36b87b3f8733da68f915aa5f049d33a18b7ee449c565e3efe89a8ec32352985","ssdeep":"","tlshash":"69f099992d644232c86700325e4a3fd1549d197023872549a41df89a207deaf62290fb","size":633,"data":"","first_seen":"2024-10-04T10:45:56.937322Z","last_seen":"2024-10-04T10:45:56.937322Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"04699b09746829d152a63302f9f5e337","sha1":"93d6ed46dab19c874bca83201d11b21666aa1ffd","sha256":"723a981ef7482d5299ea2fd6449ab1a3af57f0f593617df9e87962419e3b6b6f","sha512":"47f6ee14857dcaa66b15f97cb0857328e4700877f09f680f3dd68b4efd8697d7de8c57c28aaf2b08c2e86b44734b8994884f7722ec44b23cc9efceb912908374","ssdeep":"1536:9ni6+zNKofjr9PyfpK7fDH+7pSU6GZvu85pistHWvR3+2xwHzgmcfpUWgQABuucP:VqM7vptHWpu22H9dBuDj3dmChm9Abj","tlshash":"36e35cdd77a5302253a394b4603f118fb13af895e80889b4b198c4e47cb8da95277fbd","size":153223,"data":"","first_seen":"2024-09-27T03:07:56Z","last_seen":"2024-10-04T11:27:10.337309Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"ip":{"addr":"199.59.243.227","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f8a541cf328eb792ffa6ec90895e0c0","sha1":"e9e0d3f73b0ffa66dd29a7c41364ed54b048b4f7","sha256":"f6405f61d9ec0b004effc40b0149f74d91c6f630dcaf50ccd7a5332145f80b6e","sha512":"09ce54355b69d88e7f3d6dba04707b726ecbfc1aae639d0e364f6c3d853737af492ded2aba337a5e1d28daf83a6b8ae7a0a54e399ce5c2a8066411efd66fa1fd","ssdeep":"","tlshash":"b8e0a358a32a3e4de032a176817e1e9edfc160c51883d909f64b0c876945b9e14dda6f","size":435,"data":"","first_seen":"2024-10-04T10:45:56.938646Z","last_seen":"2024-10-04T10:45:56.938646Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww25.lyxynyx.com/bYQRsykAs.js","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"ip":{"addr":"199.59.243.227","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e2ec36d427fa4a992d76c0ee5e8dfd4d","sha1":"47ec4ace4851c6c3a4fe23ad2c842885f6d973f2","sha256":"36488e81afcbc4d7018b8764c18032b10be21aa45521c9671fde0cc77f70b2d8","sha512":"d1ae29d19f65ce74b9b480c82b87315634ec2e96d199f5feb423918af9ad6e24c8b436e03904d452f71562f04c42acbb250256eed73bcd592a79c08911c74976","ssdeep":"768:TP2yt3VcbMnnZNdxBB5gPi0w8rnaVG4xYEb0Ddem+euROvvMzLXWI+6Ch75BGJ21:VnCrnSG4xYEzRLm","tlshash":"4ce22ab23af7e0604ae2c1dae4775215f638620a3405d06cf96c88ce365ae47d73ab75","size":34193,"data":"","first_seen":"2024-08-28T21:05:13Z","last_seen":"2024-10-11T09:19:45.766669Z","times_seen":8910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:58.453317492Z","timestamp":1727810218453,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"600789F1A63878CF615548DB70EBC5454666F4CCADD004C8B2C7B9CC75BFF5E2\"\r\nLast-Modified: Mon, 30 Sep 2024 15:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2673\r\nExpires: Tue, 01 Oct 2024 20:01:31 GMT\r\nDate: Tue, 01 Oct 2024 19:16:58 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"30b3296d8601a98376f1d8d787e38d85","sha1":"b0d3b4fd48e65b90925a60eaece214d4323d990d","sha256":"600789f1a63878cf615548db70ebc5454666f4ccadd004c8b2c7b9cc75bff5e2","sha512":"cdcfd9cb492a6f679a261df6dbcba864c8b7befe80c16e22f1df2a9c35676157dad2d63db807513bc1f1e303989115d487a15d674e61aad7549f906912c08978","ssdeep":"","tlshash":"8af00590192a68548f93003d9ee6c67b3b3619b910455c5234d047b9ad51f6d9d185d8","first_seen":"2024-10-01T04:05:34Z","last_seen":"2024-10-04T10:54:11.420598Z","times_seen":385,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:58.464332589Z","timestamp":1727810218464,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"01B80C0B028333E119CBC3799424875028F0548B6E95D94E7738874C59883C00\"\r\nLast-Modified: Mon, 30 Sep 2024 16:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9640\r\nExpires: Tue, 01 Oct 2024 21:57:38 GMT\r\nDate: Tue, 01 Oct 2024 19:16:58 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"9e96f1dff1bb5e6784958d21556e4a06","sha1":"d4cb719b5fe9714d59866434ca13c389776a09f3","sha256":"01b80c0b028333e119cbc3799424875028f0548b6e95d94e7738874c59883c00","sha512":"3ab309c4b80d9e69c081633145fa80a7d73238361c636c7108595d02a163431f3dce035cfa91a385e10e55e8f0a892aefc28a9606ce44360e0b111eb2258ebfc","ssdeep":"","tlshash":"3ff005f517f37951cee504693c78dc26ad20ad7b302081a100dc0575be307a51585614","first_seen":"2024-10-01T00:52:59Z","last_seen":"2024-10-04T10:55:33.953042Z","times_seen":13976,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:58.619681811Z","timestamp":1727810218619,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A7D111D2A198A732C3607681E4045192BCBCFF213CEE531C0A90D349605D5306\"\r\nLast-Modified: Mon, 30 Sep 2024 16:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9728\r\nExpires: Tue, 01 Oct 2024 21:59:06 GMT\r\nDate: Tue, 01 Oct 2024 19:16:58 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"a8901baef26e06d1c6a8d84e9cc7c99d","sha1":"45039e57582ddc5f8ca1332f81326182633c5e39","sha256":"a7d111d2a198a732c3607681e4045192bcbcff213cee531c0a90d349605d5306","sha512":"200d0316d3b204baf873dffdd06b6771b6b6a05e1006dcd6e450f5b03c8e5f61c8c007a97a92c27df8c32229a8ca4ae5fb7a458d89d32a173f2d959d5100147a","ssdeep":"","tlshash":"6df005fe17d4a9041db5487e2970d600ae215dfe3910859168888f936510fec794c048","first_seen":"2024-09-30T22:46:05Z","last_seen":"2024-10-04T10:56:28.422104Z","times_seen":13305,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:58.925016048Z","timestamp":1727810218925,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8FC210D2F8CA54AE085B92A142CCE3621730DAF7A76E83076630E20D18F789CD\"\r\nLast-Modified: Tue, 01 Oct 2024 04:04:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5962\r\nExpires: Tue, 01 Oct 2024 20:56:20 GMT\r\nDate: Tue, 01 Oct 2024 19:16:58 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"280abd583680094ddddb480769f3f61b","sha1":"26caab6dbbf50ba7442d0e3bd1c4a81b5e6d9236","sha256":"8fc210d2f8ca54ae085b92a142cce3621730daf7a76e83076630e20d18f789cd","sha512":"7236160d9b481476ca6bb2f2550257de7eb83ce78b751d19d849af4232efe9a140c65a86a60b1a669c2d02ccaf3a425b09fb4135d5a18799b871809211f670d9","ssdeep":"","tlshash":"3af005c38a717a91d67248727cb6e4269d113ea53c1017c93af003d6e811b6c474492c","first_seen":"2024-10-01T16:14:03Z","last_seen":"2024-10-04T10:48:29.91923Z","times_seen":3259,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:59.044939329Z","timestamp":1727810219044,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8B81E61732D078C1BC884788C489B7DC87984CD9079CE381046200EB1701F6E3\"\r\nLast-Modified: Mon, 30 Sep 2024 17:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13258\r\nExpires: Tue, 01 Oct 2024 22:57:57 GMT\r\nDate: Tue, 01 Oct 2024 19:16:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e94a29d79f60626a0c04bf5adecf2258","sha1":"8b38a8959331a21f4c202c3d54139034eee6cb17","sha256":"8b81e61732d078c1bc884788c489b7dc87984cd9079ce381046200eb1701f6e3","sha512":"372f45b76838aa652811cba2c428d6ef0e0db182c60856c9fb536a4ee2434ba131270c3eae6b6ea3899af7a665a2971a179fb57d1bfaf7934934e41a4599155d","ssdeep":"","tlshash":"93f00ee62be8fa927d3c513e59a89a3a2d30fc9e6487806500c547f62d217a2190288d","first_seen":"2024-09-30T20:25:54Z","last_seen":"2024-10-04T10:57:20.962803Z","times_seen":70,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"ip":{"addr":"199.59.243.227","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-10-01T19:16:58.930Z","timestamp":1727810218930,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww25.lyxynyx.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Jul 2024 15:00:58 GMT","end":"Tue, 29 Oct 2024 15:00:57 GMT"},"fingerprint":{"sha1":"F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA","sha256":"E4:60:2F:01:10:A6:7D:1F:47:05:15:01:75:98:DD:3F:0B:7C:5A:7A:F7:B7:C2:8C:5A:31:8D:75:A9:2F:1C:4F"}}},"request":{"raw":"GET /login.php?subid1=20241002-0459-4368-8262-86ad75c14a50 HTTP/1.1\r\nHost: ww25.lyxynyx.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 01 Oct 2024 19:16:58 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 1182\r\nX-Request-Id: 29aaca56-58c7-4528-bf53-ef0f9f7fb5bc\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: sec-ch-prefers-color-scheme\r\nCritical-Ch: sec-ch-prefers-color-scheme\r\nVary: sec-ch-prefers-color-scheme\r\nX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_AnjUuuCH3VvZe7+K/uRla3ESu5FdzRpFiFPs71esiaZ9sdLJFUrHCbPgYnqXHcR1DhAfG4jx7RmimVFcacLJIQ==\r\nSet-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:31:59 GMT; path=/\r\nConnection: close\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1182,"size_decoded":1182,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (450)","md5":"1a00306a1fd6956db96c4350ad3f85aa","sha1":"f4ea4dc59081e3df69e495ed4196fa9814cc9a40","sha256":"4164aea2fec785b387a16fac7fd7e244fe93c6620c95278eda24915cbc95fe4a","sha512":"5061cd1f75d52ec2bd42faed0cde3283fb9d2d3194b542a02b3af3c92370459805d848b739088250be64eceb5ab053f4f302e94afc0c0415028301a0227fea0f","ssdeep":"","tlshash":"89210a2111266e0fb0b181b144b8a60ccd0633cd12c2dc44becdc4bb69c4bd5b86e7dd","first_seen":"2024-10-04T10:45:56.918179Z","last_seen":"2024-10-04T10:45:56.918179Z","times_seen":1,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":144,"dns":1,"connect":1,"send":0,"wait":38,"receive":2,"ssl":141},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:59.313644337Z","timestamp":1727810219313,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5AB6784E90AD72C024966D75A07A444AE7F880AE487BE611925826DC71901D38\"\r\nLast-Modified: Mon, 30 Sep 2024 15:54:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4203\r\nExpires: Tue, 01 Oct 2024 20:27:02 GMT\r\nDate: Tue, 01 Oct 2024 19:16:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e02ce96999916d86ffd410fc876753f5","sha1":"cb6bc34ba06c7f4c1f16e3519d23ccfdda8b3f8d","sha256":"5ab6784e90ad72c024966d75a07a444ae7f880ae487be611925826dc71901d38","sha512":"f25aa0b510951cd57a835ce800bb5e915ec81366f7588603f016f60617300760bd84423fd47c341bc49155005e4579689dc31844cff7e50728fb13b2582c898d","ssdeep":"","tlshash":"a0f054c40a55ad003720046b88eae0ba3e7554ff28b611a1259843f1ba22bd5300885d","first_seen":"2024-10-01T04:38:26Z","last_seen":"2024-10-04T10:54:01.28683Z","times_seen":237,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:59.489137579Z","timestamp":1727810219489,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C6309B6EFFE12DABAACC99DF66E13FBA72DE8198E5BCCF67198400576E3158DA\"\r\nLast-Modified: Mon, 30 Sep 2024 16:16:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=15005\r\nExpires: Tue, 01 Oct 2024 23:27:04 GMT\r\nDate: Tue, 01 Oct 2024 19:16:59 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"5e3f6fc68f86be07d377aea0e7496870","sha1":"9d1005d0782906dfdfe4217125b907b86a22b530","sha256":"c6309b6effe12dabaacc99df66e13fba72de8198e5bccf67198400576e3158da","sha512":"f17cb1328d90e400486a80cd51087a3458e5b95221b4b7aaeb1bcd7324116db5ba9cac4eca03cceae3ba85cc0109096f0749e39c347ccb8d39eb5f5a3103f8be","ssdeep":"","tlshash":"2df00ea21b99ad12b8e014562db5c868af342aa9281087e138f44ee63a64be9045564c","first_seen":"2024-10-01T07:57:06Z","last_seen":"2024-10-04T10:52:52.057491Z","times_seen":9948,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww25.lyxynyx.com/bYQRsykAs.js","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"ip":{"addr":"199.59.243.227","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:16:59.501Z","timestamp":1727810219501,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww25.lyxynyx.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Jul 2024 15:00:58 GMT","end":"Tue, 29 Oct 2024 15:00:57 GMT"},"fingerprint":{"sha1":"F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA","sha256":"E4:60:2F:01:10:A6:7D:1F:47:05:15:01:75:98:DD:3F:0B:7C:5A:7A:F7:B7:C2:8C:5A:31:8D:75:A9:2F:1C:4F"}}},"request":{"raw":"GET /bYQRsykAs.js HTTP/1.1\r\nHost: ww25.lyxynyx.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50\r\nCookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 01 Oct 2024 19:16:59 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 34193\r\nX-Request-Id: 9f5027d0-e29b-4bc1-8b61-a5c69fc80ec4\r\nSet-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:31:59 GMT\r\nConnection: close\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34193,"size_decoded":34193,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (34190)","md5":"e2ec36d427fa4a992d76c0ee5e8dfd4d","sha1":"47ec4ace4851c6c3a4fe23ad2c842885f6d973f2","sha256":"36488e81afcbc4d7018b8764c18032b10be21aa45521c9671fde0cc77f70b2d8","sha512":"d1ae29d19f65ce74b9b480c82b87315634ec2e96d199f5feb423918af9ad6e24c8b436e03904d452f71562f04c42acbb250256eed73bcd592a79c08911c74976","ssdeep":"768:TP2yt3VcbMnnZNdxBB5gPi0w8rnaVG4xYEb0Ddem+euROvvMzLXWI+6Ch75BGJ21:VnCrnSG4xYEzRLm","tlshash":"4ce22ab23af7e0604ae2c1dae4775215f638620a3405d06cf96c88ce365ae47d73ab75","first_seen":"2024-08-28T21:05:13Z","last_seen":"2024-10-11T09:19:45.766669Z","times_seen":8910,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":84,"dns":1,"connect":1,"send":0,"wait":39,"receive":2,"ssl":80},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww25.lyxynyx.com/_fd?subid1=20241002-0459-4368-8262-86ad75c14a50","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"ip":{"addr":"199.59.243.227","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:16:59.651Z","timestamp":1727810219651,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww25.lyxynyx.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Jul 2024 15:00:58 GMT","end":"Tue, 29 Oct 2024 15:00:57 GMT"},"fingerprint":{"sha1":"F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA","sha256":"E4:60:2F:01:10:A6:7D:1F:47:05:15:01:75:98:DD:3F:0B:7C:5A:7A:F7:B7:C2:8C:5A:31:8D:75:A9:2F:1C:4F"}}},"request":{"raw":"POST /_fd?subid1=20241002-0459-4368-8262-86ad75c14a50 HTTP/1.1\r\nHost: ww25.lyxynyx.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50\r\nContent-Type: application/json\r\nOrigin: https://ww25.lyxynyx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 01 Oct 2024 19:16:59 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 5693\r\nX-Request-Id: 5a5b4bc1-e06e-40db-a6bc-91764f72e287\r\nSet-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:31:59 GMT\r\nConnection: close\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5693,"size_decoded":5693,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (5693), with no line terminators","md5":"8279ef77329b186ef35df8f8e9027b8c","sha1":"95e60329cbbc7d38b694e7e1faf8a38285cab6b0","sha256":"0cd2353e02c3ae73007ce22113bf242c602019b66a6cd2ea0f11effbafa4ce2d","sha512":"f82059b0e2cc1822469e7686c64c0f436ea05df20e07dab79be5acead5828749c1a44ac0e45a8bfe72ee69f23590f4b786e1e8c971b21b0a1255a215e211ab47","ssdeep":"96:N996bOIMmgDQ6hYEm9ClZcohUGJ2ITTAwSYbQ3tvXChMj:t6bWFDQ6hCCDdzNnq53tv6A","tlshash":"8cc1dbea8e493d5bdb535607a4ce03ea074f8a7e3276626d558fc608861d50f74d022f","first_seen":"2024-10-04T10:45:56.922321Z","last_seen":"2024-10-04T10:45:56.922321Z","times_seen":1,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":82,"dns":1,"connect":1,"send":0,"wait":44,"receive":1,"ssl":75},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:16:59.944006161Z","timestamp":1727810219944,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 01 Oct 2024 19:16:59 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"5bf2137247d2379eff75842658f0d939","sha1":"a6958d374a4eab188f1f1334b4a33514d75fdf8e","sha256":"fd88b824c176afac0d0410a5839ec76e85de47eedd7fdc3c4a9c06c2ae3a485b","sha512":"4f07d3322814910768bc6e1cba7823026be7aaff71b1ec490b7f4f224c795dfe2a381ecb4fbc3c5914a5662bf9a7c0a4dd18cbbae00c473936501c21e7df9c10","ssdeep":"","tlshash":"48f0230497a578f99c790c10fdbce9f966ae9957505c07466175c2a0805277c14182b4","first_seen":"2024-10-01T18:11:50Z","last_seen":"2024-10-04T10:47:30.500641Z","times_seen":688,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026bodis=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:16:59.830Z","timestamp":1727810219830,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Aug 2024 07:15:49 GMT","end":"Mon, 18 Nov 2024 07:15:48 GMT"},"fingerprint":{"sha1":"A9:76:72:D7:78:A8:1B:25:A7:A2:91:29:BE:43:C3:76:64:C8:3C:67","sha256":"F3:24:9C:29:25:40:A8:F2:F3:02:12:1C:B7:8D:F5:75:97:A1:7F:90:09:BE:DD:64:8E:3B:EF:D2:88:9F:DA:ED"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026bodis=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww25.lyxynyx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Tue, 01 Oct 2024 19:16:59 GMT\r\nexpires: Tue, 01 Oct 2024 19:16:59 GMT\r\ncache-control: private, max-age=3600\r\netag: \"15659848927289336678\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66686,"size_decoded":66686,"mime_type":"text/javascript; charset=UTF-8","magic":"gzip compressed data, max compression","md5":"eaa0e543c00c592b7cbb3c91e831cde7","sha1":"f5d9623b455169e730ea19f0f3d52c9ebce105ff","sha256":"90312097a52b0ea8971192566e7d94e40227fd0935b257dc779f0b5c56cd7efc","sha512":"a5a7ea6795f4a778757c344c2df0d963a98af9bff88ccdaffa4c7f563039747e51f2a7caadbbd09a1aa3cd27ba5e755863d2f890c40f02758938bee64bc14f35","ssdeep":"1536:3k3xXA0miXJKHBOxJnFnTL8JGtG+ijAaQuO6:3k3xQ7XHBEjnTL8JGtK","tlshash":"2253d01ed3b024d08af55a4391ccbfaaaf2867b19045eedc36ca6e4cc13e615d135d43","first_seen":"2024-10-04T10:45:56.925295Z","last_seen":"2024-10-04T10:45:56.925295Z","times_seen":1,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":114,"dns":2,"connect":21,"send":0,"wait":44,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:00.098743372Z","timestamp":1727810220098,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 01 Oct 2024 19:17:00 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"2363956bdd7c6f2daf6c07f424af9a0b","sha1":"95012e2aa8fb41a34bca8bb00d9da0de84f056e9","sha256":"c49d3f4aa2f3c3839216788c84d8cb40d187d9a1cf49712f59d68263191fa4de","sha512":"3523d7e9f6931f78c7bd379f06355ee457ec87ef29d615921df29ee6255177a85e5cb2fcec8c0369d356de800deecc09daf9e1c74f90510641372be45ede58b5","ssdeep":"","tlshash":"2df05450173efc678a29000136daf5f5a8340aef244c654561b8005028857993485b15","first_seen":"2024-09-30T18:12:59Z","last_seen":"2024-10-04T10:58:24.024303Z","times_seen":676,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:00.180815597Z","timestamp":1727810220180,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 01 Oct 2024 19:17:00 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"0ff9b275ac544a84792117f0ff55daac","sha1":"550688d56fa990cdd05d9a999e3784516c3fdc3c","sha256":"d0a06176c0ec257d5d868c8c33bd6ad26405475c5747afad22053c1474aa2e2b","sha512":"fad2d4dd5dbc6d5cc07e9d20757ebbd2505e52903eeb487339782fb96af7d2f29cbb07460253de41456d9cf7acf804c43a10ee51a20cda3c99d890db16ec50b1","ssdeep":"","tlshash":"58f05c8913fe3124ec808c84323ce3052830afb20c0c6419307ea0a13bc9b2aa600ba1","first_seen":"2024-09-30T19:16:24Z","last_seen":"2024-10-04T10:57:52.509043Z","times_seen":344,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:00.185212425Z","timestamp":1727810220185,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"593FFF197167891ACDADAB9E893FE1D07CDEB60B09D6AE5E96123A2818D1D4A0\"\r\nLast-Modified: Mon, 30 Sep 2024 16:17:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8563\r\nExpires: Tue, 01 Oct 2024 21:39:43 GMT\r\nDate: Tue, 01 Oct 2024 19:17:00 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"a89a3804008b9a8783344786e440c111","sha1":"110f4d546bc339058fcf635a1b517cba6f6852c5","sha256":"593fff197167891acdadab9e893fe1d07cdeb60b09d6ae5e96123a2818d1d4a0","sha512":"4db9f8952e9859c31aa2ac1aeb208e3c73d5e36be6e733e6aa76aa7291899d18daffea51d0a4c2cce788ee8511c9cac1e16a84f81c43f1174f57953c19fab731","ssdeep":"","tlshash":"3cf0054d15d564405ef10c1ddcd8c977e4b04f7a2140c5d3e48857e76921bde1a4f90c","first_seen":"2024-09-30T20:18:17Z","last_seen":"2024-10-04T10:57:23.589436Z","times_seen":432,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3\u0026nocache=1241727810220071\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.lyxynyx.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1727810220073\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=678245571\u0026rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:17:00.085Z","timestamp":1727810220085,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Aug 2024 07:24:40 GMT","end":"Mon, 18 Nov 2024 07:24:39 GMT"},"fingerprint":{"sha1":"DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2","sha256":"DE:50:AA:0D:49:65:4A:27:56:F1:71:EF:EF:A7:50:AA:BA:9C:F8:AD:45:FE:32:0B:52:DD:D6:D9:08:B5:06:F1"}}},"request":{"raw":"GET /afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3\u0026nocache=1241727810220071\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.lyxynyx.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1727810220073\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=678245571\u0026rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww25.lyxynyx.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-disposition: inline\r\ndate: Tue, 01 Oct 2024 19:17:00 GMT\r\nexpires: Tue, 01 Oct 2024 19:17:00 GMT\r\ncache-control: private, max-age=3600\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-XzWxnXglyK3V96FqpHgLhw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 2754\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2754,"size_decoded":13773,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (13195)","md5":"75673a4468063cf0fa77fdacbcf5b44c","sha1":"bfdcf12aeea3c904e7323864b642b8a8c3d1bb03","sha256":"3a84c98fd50fc880ae1caea0ce693e4a5254f18c0dbb45fd7181540e93e42557","sha512":"f0cc6a8200d5b75326d75b02c23bed0d5eff9db7ca224cfd33ade9a57100413996a9918ab9e3d996460b815e89fe17ef8ffde13a3cd33675aa96a8e9d3cca56f","ssdeep":"96:GE/yk2iIlb5lphMzwronb90IMvm0yEM6vfNYrWqzZUMwDpw9WDC9CtMwDcw9WDLE:GE12iMpgb9+m0yEMcfWrg2omm/kmh","tlshash":"38523237706227291507dc541b296f5dd181d43ac4af36e948e35b26c7ebf838be228e","first_seen":"2024-10-04T10:45:56.930012Z","last_seen":"2024-10-04T10:45:56.930012Z","times_seen":1,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":96,"dns":1,"connect":21,"send":0,"wait":118,"receive":1,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:00.495422076Z","timestamp":1727810220495,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 01 Oct 2024 19:17:00 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"0ff9b275ac544a84792117f0ff55daac","sha1":"550688d56fa990cdd05d9a999e3784516c3fdc3c","sha256":"d0a06176c0ec257d5d868c8c33bd6ad26405475c5747afad22053c1474aa2e2b","sha512":"fad2d4dd5dbc6d5cc07e9d20757ebbd2505e52903eeb487339782fb96af7d2f29cbb07460253de41456d9cf7acf804c43a10ee51a20cda3c99d890db16ec50b1","ssdeep":"","tlshash":"58f05c8913fe3124ec808c84323ce3052830afb20c0c6419307ea0a13bc9b2aa600ba1","first_seen":"2024-09-30T19:16:24Z","last_seen":"2024-10-04T10:57:52.509043Z","times_seen":344,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:00.675040295Z","timestamp":1727810220675,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 01 Oct 2024 19:17:00 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"71b3577a6975159c240233c31375d689","sha1":"45158107ebeed19e88e29304af8f16e13f2fa55d","sha256":"8c40b282a30cd3d4e847d04374e318d8607b9b8662f7050d30313ccc7f679bc2","sha512":"ed2245a011246f09954c659f1d8365bb3a73ad5f03565c46b8355ad8956885ed097657b0dff62c5e5dd4aa95770a9441ad4e2bc362b11c92227f273154a00f83","ssdeep":"","tlshash":"3bf0dc9126f2adce8ea34ccd7fece7192860148f499d104c513943e034ddb981609a08","first_seen":"2024-09-30T18:08:58Z","last_seen":"2024-10-04T10:58:28.637541Z","times_seen":447,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3\u0026nocache=1241727810220071\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.lyxynyx.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1727810220073\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=678245571\u0026rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:17:00.580Z","timestamp":1727810220580,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Aug 2024 07:12:09 GMT","end":"Mon, 18 Nov 2024 07:12:08 GMT"},"fingerprint":{"sha1":"3F:8C:C0:AD:01:C9:F8:FA:75:FE:BA:A4:43:75:E4:C9:60:2C:CF:A6","sha256":"81:F4:5C:15:52:40:C3:E6:82:5E:24:90:4E:72:D2:C8:4D:F0:64:53:08:75:0A:D2:B0:CC:5E:D4:B2:8A:50:B4"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 174\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 01 Oct 2024 08:05:55 GMT\r\nexpires: Wed, 02 Oct 2024 07:05:55 GMT\r\ncache-control: public, max-age=82800\r\nage: 40265\r\nlast-modified: Thu, 02 Nov 2023 22:48:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":174,"size_decoded":200,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d47125b2ba92be53dcff07ba322ce1de","sha1":"e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28","sha256":"5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6","sha512":"78a1bf7547b1c28f600163689161955bc56a621ace3228c9169143be933ccf789fc6106bbf729f2e9483bcaa03271529d3913088094c7fb906b44673e13f1f92","ssdeep":"","tlshash":"72d02291d2286d38441e82e0c37c712200ee70a2230c10ccfa81a700720c8abb8a1668","first_seen":"2023-04-07T07:55:51Z","last_seen":"2026-02-01T02:48:24.72202Z","times_seen":175105,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":98,"dns":18,"connect":8,"send":0,"wait":9,"receive":1,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/adsense/domains/caf.js","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3\u0026nocache=1241727810220071\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.lyxynyx.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1727810220073\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=678245571\u0026rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:17:00.444Z","timestamp":1727810220444,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Aug 2024 07:24:40 GMT","end":"Mon, 18 Nov 2024 07:24:39 GMT"},"fingerprint":{"sha1":"DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2","sha256":"DE:50:AA:0D:49:65:4A:27:56:F1:71:EF:EF:A7:50:AA:BA:9C:F8:AD:45:FE:32:0B:52:DD:D6:D9:08:B5:06:F1"}}},"request":{"raw":"GET /adsense/domains/caf.js HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Tue, 01 Oct 2024 19:17:00 GMT\r\nexpires: Tue, 01 Oct 2024 19:17:00 GMT\r\ncache-control: private, max-age=3600\r\netag: \"8562013625026226936\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55747,"size_decoded":55747,"mime_type":"text/javascript; charset=UTF-8","magic":"gzip compressed data, max compression","md5":"86241e32682b9f56d5d41e03e39fcd9b","sha1":"6753f44b0a11144698d41f66bb4db73940489b0e","sha256":"a3ccdf65b05a78199b955b6d1b69d2753fcee3e18cf07de6ade371b7064b5b38","sha512":"473300497adb98f175955869df7818cf794e6622a604531b2d9096b456087b0b396f8724870415b6a84ade73b2813c1ba54aa7940954fef0ef26ed5139759a61","ssdeep":"1536:ZXyfm9/qLrDMSQTUCE1bdm144I7HOMARy:ZUEi7MSSUCE1bvbHVky","tlshash":"4e4301c0e686d340cf47877b1b44bc85c75c6aae3d5f9219075bcd2e7c4a9994eac328","first_seen":"2024-10-01T14:04:13Z","last_seen":"2024-10-04T10:49:34.75315Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww25.lyxynyx.com/_tr","fqdn":"ww25.lyxynyx.com","domain":"lyxynyx.com","tld":"com"},"ip":{"addr":"199.59.243.227","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:17:00.586Z","timestamp":1727810220586,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww25.lyxynyx.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Jul 2024 15:00:58 GMT","end":"Tue, 29 Oct 2024 15:00:57 GMT"},"fingerprint":{"sha1":"F8:AC:18:51:95:57:B6:60:0A:6A:F7:48:90:04:59:2E:34:C2:2A:EA","sha256":"E4:60:2F:01:10:A6:7D:1F:47:05:15:01:75:98:DD:3F:0B:7C:5A:7A:F7:B7:C2:8C:5A:31:8D:75:A9:2F:1C:4F"}}},"request":{"raw":"POST /_tr HTTP/1.1\r\nHost: ww25.lyxynyx.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50\r\nContent-Type: application/json\r\nContent-Length: 1945\r\nOrigin: https://ww25.lyxynyx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 01 Oct 2024 19:17:00 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 2\r\nX-Request-Id: 201f6dcd-3d82-4212-886f-d67f622c8300\r\nSet-Cookie: parking_session=29aaca56-58c7-4528-bf53-ef0f9f7fb5bc; expires=Tue, 01 Oct 2024 19:32:00 GMT\r\nConnection: close\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":2,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-07T10:56:03.237485Z","times_seen":407126,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":83,"dns":2,"connect":1,"send":0,"wait":38,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-10-01","alert":"Sinkholed","trigger":"lyxynyx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff","fqdn":"afs.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://syndicatedsearch.goog/afs/ads?adtest=off\u0026psid=3113057640\u0026pcsa=false\u0026channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol119%2Cpid-bodis-gcontrol477%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol164\u0026client=dp-bodis30_3ph\u0026r=m\u0026hl=en\u0026ivt=0\u0026rpbu=https%3A%2F%2Fww25.lyxynyx.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20241002-0459-4368-8262-86ad75c14a50\u0026max_radlink_len=50\u0026type=3\u0026uiopt=false\u0026swp=as-drid-2497786236455022\u0026oe=UTF-8\u0026ie=UTF-8\u0026fexp=21404%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266%2C72717108\u0026format=r3\u0026nocache=1241727810220071\u0026num=0\u0026output=afd_ads\u0026domain_name=ww25.lyxynyx.com\u0026v=3\u0026bsl=8\u0026pac=0\u0026u_his=2\u0026u_tz=0\u0026dt=1727810220073\u0026u_w=1280\u0026u_h=1024\u0026biw=1280\u0026bih=1024\u0026psw=1280\u0026psh=922\u0026frm=0\u0026uio=-\u0026cont=rs\u0026drt=0\u0026jsid=caf\u0026jsv=678245571\u0026rurl=https%3A%2F%2Fww25.lyxynyx.com%2Flogin.php%3Fsubid1%3D20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:17:00.568Z","timestamp":1727810220568,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Aug 2024 07:12:09 GMT","end":"Mon, 18 Nov 2024 07:12:08 GMT"},"fingerprint":{"sha1":"3F:8C:C0:AD:01:C9:F8:FA:75:FE:BA:A4:43:75:E4:C9:60:2C:CF:A6","sha256":"81:F4:5C:15:52:40:C3:E6:82:5E:24:90:4E:72:D2:C8:4D:F0:64:53:08:75:0A:D2:B0:CC:5E:D4:B2:8A:50:B4"}}},"request":{"raw":"GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1\r\nHost: afs.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://syndicatedsearch.goog/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers\r\ncross-origin-opener-policy: same-origin; report-to=\"afs-native-asset-managers\"\r\nreport-to: {\"group\":\"afs-native-asset-managers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers\"}]}\r\ncontent-length: 278\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 01 Oct 2024 05:34:32 GMT\r\nexpires: Wed, 02 Oct 2024 04:34:32 GMT\r\ncache-control: public, max-age=82800\r\nage: 49348\r\nlast-modified: Tue, 27 Jun 2023 17:28:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":278,"size_decoded":444,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fe7dd8c3c629cc6e9cd6d3e4d3cbe905","sha1":"59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18","sha256":"5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e","sha512":"1c663e07978d95c838aed54421a9c725d7311b8c002f436b30555affb26c25f6ebecff6af5c54ef112370a36a5f5aadf611304bffe76a59fb3d206e943cf153f","ssdeep":"","tlshash":"eff055bcd2ad4914a608c7017ef8a5174066f0c563cc01ceee81ac69f0614e43a63ade","first_seen":"2023-04-07T08:14:08Z","last_seen":"2026-05-03T16:41:57.827597Z","times_seen":69546,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":290,"dns":19,"connect":21,"send":0,"wait":9,"receive":1,"ssl":247},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:00.906118206Z","timestamp":1727810220906,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 01 Oct 2024 19:17:00 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"71b3577a6975159c240233c31375d689","sha1":"45158107ebeed19e88e29304af8f16e13f2fa55d","sha256":"8c40b282a30cd3d4e847d04374e318d8607b9b8662f7050d30313ccc7f679bc2","sha512":"ed2245a011246f09954c659f1d8365bb3a73ad5f03565c46b8355ad8956885ed097657b0dff62c5e5dd4aa95770a9441ad4e2bc362b11c92227f273154a00f83","ssdeep":"","tlshash":"3bf0dc9126f2adce8ea34ccd7fece7192860148f499d104c513943e034ddb981609a08","first_seen":"2024-09-30T18:08:58Z","last_seen":"2024-10-04T10:58:28.637541Z","times_seen":447,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:01.1902393Z","timestamp":1727810221190,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"672455D99075A4581AE850704B23720BA3B94691E1038B939A5165A3B274D7F9\"\r\nLast-Modified: Mon, 30 Sep 2024 15:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12097\r\nExpires: Tue, 01 Oct 2024 22:38:38 GMT\r\nDate: Tue, 01 Oct 2024 19:17:01 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"8effaf713ecfaf968a658e5727aa9938","sha1":"2229078c48d23c1b17803a1e501bf6410c3522c9","sha256":"672455d99075a4581ae850704b23720ba3b94691e1038b939a5165a3b274d7f9","sha512":"efcabfcdfc1aad223d9a1e9210f46bef8bd5004488460967f102d4251fb8bd84f35e84667939b907414d66d071cb23216e029fd1cb8ea2dce06e83cabaa3a6d7","ssdeep":"","tlshash":"7cf0c0522476bac58ab519bf4bb4d13669783cda445a08ab1d5442e57c21b6b0101808","first_seen":"2024-10-01T02:27:52Z","last_seen":"2024-10-04T10:54:54.696342Z","times_seen":5663,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=72kakxh7xgdo\u0026aqid=rEr8ZtKZDsGtxdwP85HI4A0\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=678245571\u0026csala=5%7C0%7C374%7C67%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:17:02.032Z","timestamp":1727810222032,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Aug 2024 07:24:40 GMT","end":"Mon, 18 Nov 2024 07:24:39 GMT"},"fingerprint":{"sha1":"DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2","sha256":"DE:50:AA:0D:49:65:4A:27:56:F1:71:EF:EF:A7:50:AA:BA:9C:F8:AD:45:FE:32:0B:52:DD:D6:D9:08:B5:06:F1"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=72kakxh7xgdo\u0026aqid=rEr8ZtKZDsGtxdwP85HI4A0\u0026psid=3113057640\u0026pbt=bs\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=678245571\u0026csala=5%7C0%7C374%7C67%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww25.lyxynyx.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-njJnnIn_1OIylT49eQxa8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Tue, 01 Oct 2024 19:17:02 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-07T10:57:30.943449Z","times_seen":14782693,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=2bv5rtfajbyc\u0026aqid=rEr8ZtKZDsGtxdwP85HI4A0\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=678245571\u0026csala=5%7C0%7C374%7C67%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0","fqdn":"syndicatedsearch.goog","domain":"syndicatedsearch.goog","tld":"goog"},"ip":{"addr":"172.217.21.174","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww25.lyxynyx.com/login.php?subid1=20241002-0459-4368-8262-86ad75c14a50","date":"2024-10-01T19:17:02.535Z","timestamp":1727810222535,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"syndicatedsearch.goog","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Aug 2024 07:24:40 GMT","end":"Mon, 18 Nov 2024 07:24:39 GMT"},"fingerprint":{"sha1":"DC:F4:EB:19:22:2A:6E:6B:EF:C2:61:EF:BE:1F:23:CF:7F:69:F5:B2","sha256":"DE:50:AA:0D:49:65:4A:27:56:F1:71:EF:EF:A7:50:AA:BA:9C:F8:AD:45:FE:32:0B:52:DD:D6:D9:08:B5:06:F1"}}},"request":{"raw":"GET /afs/gen_204?client=dp-bodis30_3ph\u0026output=uds_ads_only\u0026zx=2bv5rtfajbyc\u0026aqid=rEr8ZtKZDsGtxdwP85HI4A0\u0026psid=3113057640\u0026pbt=bv\u0026adbx=290\u0026adby=145\u0026adbh=481\u0026adbw=700\u0026adbah=153%2C153%2C153\u0026adbn=master-1\u0026eawp=partner-dp-bodis30_3ph\u0026errv=678245571\u0026csala=5%7C0%7C374%7C67%7C13\u0026lle=0\u0026ifv=1\u0026hpt=0 HTTP/1.1\r\nHost: syndicatedsearch.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww25.lyxynyx.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-TDpab4EkzxjGcXAsxB_S8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\ndate: Tue, 01 Oct 2024 19:17:02 GMT\r\nserver: gws\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-07T10:57:30.943449Z","times_seen":14782693,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml","fqdn":"aus5.mozilla.org","domain":"mozilla.org","tld":"org"},"ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-10-01T19:17:18.140697982Z","timestamp":1727810238140,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1\r\nHost: aus5.mozilla.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\nrule-id: unknown\r\nrule-data-version: unknown\r\ncontent-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-11-02-12-44-24.chain; p384ecdsa=Z0T6F7DJhXZgf08XOZi2xNByERijrtvhf26i7kR_fQfGgkU725r9-WEvAXCxlmb5XnhIcpf2Y2oYZspQUUt64waU9j2spRfqbJJ0M5GhSLRb5dbetXDs4kT89KAfAxxH\r\nstrict-transport-security: max-age=31536000;\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'none'; frame-ancestors 'none'\r\nx-proxy-cache-status: MISS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Tue, 01 Oct 2024 19:17:10 GMT\r\ncontent-type: text/xml; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-length: 444\r\nage: 8\r\ncache-control: public,max-age=90\r\nalt-svc: clear\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":444,"size_decoded":721,"mime_type":"text/xml; charset=utf-8","magic":"XML 1.0 document, ASCII text, with very long lines (332)","md5":"3b324dec137a87ef7e24a30a65b13dd0","sha1":"c0faa95b2f1018e264b3a14aaf50d1003e6c27b3","sha256":"6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463","sha512":"eee5d0a6354c5cfafdba69236359dbb38be1d7cbfd841230c07617fa3d8982751d8ddbe4f3b9c533a277e836b28a2f483d8ddc79aa09573ca9d49fc16341c061","ssdeep":"","tlshash":"54011069bdb5f89100860aa76626c8015a232287e1541888b8df5fc04f9b9b4536f09d","first_seen":"2023-10-13T18:17:52Z","last_seen":"2025-06-20T01:29:36.566077Z","times_seen":185315,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}