504 B IP
ASN #20940 Akamai International B.V.
Hash 686480d25645ac2aca7a99974693a82f
55ca9d53bd758d2afc75e8a9b59c656ff26a3f70
8902058e383c2f43751417e1af1d582f7a16ce0b6fc180ab20cbc76c4b00f914
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8902058E383C2F43751417E1AF1D582F7A16CE0B6FC180AB20CBC76C4B00F914"
Last-Modified: Wed, 14 Aug 2024 12:55:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14377
Expires: Fri, 16 Aug 2024 08:42:25 GMT
Date: Fri, 16 Aug 2024 04:42:48 GMT
Connection: keep-alive
504 B IP
ASN #20940 Akamai International B.V.
Hash 90149b127cd563315012f026a9e0544f
1e148905fa524fb8fec15249f30f33085978dc2e
7098a3b23aece2b00e86fd3a23c5e532001a5002b061170d3ed53ddd36bf8f5b
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7098A3B23AECE2B00E86FD3A23C5E532001A5002B061170D3ED53DDD36BF8F5B"
Last-Modified: Tue, 13 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5213
Expires: Fri, 16 Aug 2024 06:09:41 GMT
Date: Fri, 16 Aug 2024 04:42:48 GMT
Connection: keep-alive
504 B IP
ASN #20940 Akamai International B.V.
Hash 4d209e16679910b467c26590a0073236
ddd59fa6902b498e9c0cfb22e342757f954789d0
9ef3dab56215a67804db0e12d33772a1902f5914b788530717712902a294bcb5
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9EF3DAB56215A67804DB0E12D33772A1902F5914B788530717712902A294BCB5"
Last-Modified: Wed, 14 Aug 2024 21:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8134
Expires: Fri, 16 Aug 2024 06:58:22 GMT
Date: Fri, 16 Aug 2024 04:42:48 GMT
Connection: keep-alive
504 B IP
ASN #20940 Akamai International B.V.
Hash e4a9f1133ab7ff8fdfec972dc9d80181
2a253964c7b022d903b90b57585333f32f730527
62acc6047405e1e5e89c898325a6f5ba2d9f993214648dc9e50cf0d4f5aa9baa
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "62ACC6047405E1E5E89C898325A6F5BA2D9F993214648DC9E50CF0D4F5AA9BAA"
Last-Modified: Tue, 13 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5026
Expires: Fri, 16 Aug 2024 06:06:34 GMT
Date: Fri, 16 Aug 2024 04:42:48 GMT
Connection: keep-alive
504 B IP
ASN #20940 Akamai International B.V.
Hash 0c49d2f67fbb12f6dc6d09b863584786
050ec3c2d3c06db28ab5d52addcf71d7736ca6ab
e32f58e8425fde941fb43b5f67ce69103dfb8efc569195619a21d9465d888d16
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E32F58E8425FDE941FB43B5F67CE69103DFB8EFC569195619A21D9465D888D16"
Last-Modified: Fri, 16 Aug 2024 04:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 16 Aug 2024 10:42:49 GMT
Date: Fri, 16 Aug 2024 04:42:49 GMT
Connection: keep-alive
302 Found 11 B URL User Request GET HTTP/2 IP
ASN #46475 LIMESTONENETWORKS
Certificate IssuerLet's Encrypt
Subjectstreamcomplet.click
Fingerprint00:C2:7A:0E:37:64:AB:F0:A9:DF:DD:4B:8F:C5:4D:AB:19:4D:7A:E6
ValidityFri, 21 Jun 2024 07:48:37 GMT - Thu, 19 Sep 2024 07:48:36 GMT
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: streamcomplet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Fri, 16 Aug 2024 04:42:49 GMT
location: http://ww1.streamcomplet.click
server: Cowboy
set-cookie: sid=fd7ff6ea-5b89-11ef-842e-45992940fc8a; path=/; domain=.streamcomplet.click; expires=Wed, 03 Sep 2092 07:56:56 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
GET ww1.streamcomplet.click/
200 OK 1.1 kB URL User Request GET HTTP/1.1 IP
File type HTML document, ASCII text, with very long lines (334)
Hash 2b4617277e1319c881a33d4eef16d478
16ca20498bdd1aa55901a1cd105d8db714ad749a
b0c1f79f8a097f22ef17c98ec83814a4659f4459f8dafe10e6e5a81578391e94
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: ww1.streamcomplet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 16 Aug 2024 04:42:49 GMT
content-type: text/html; charset=utf-8
content-length: 1066
x-request-id: ce9e56ee-93ef-4edb-a5e9-877e884bef7a
cache-control: no-store, max-age=0
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_cEzNL9CTHdJbrQLXG0PA5HmsgwV1WPTK/HIKwOthnYHXxEiNOIsVF+SvnQSyTi98xx5exLFOTdygvsboH1hlyw==
set-cookie: parking_session=ce9e56ee-93ef-4edb-a5e9-877e884bef7a; expires=Fri, 16 Aug 2024 04:57:50 GMT; path=/
GET ww1.streamcomplet.click/bWrcvZxRf.js
200 OK 34 kB URL GET HTTP/1.1 ww1.streamcomplet.click/bWrcvZxRf.js
IP
Requested by http://ww1.streamcomplet.click/
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (33926)
Hash 54285d7f26ed4bc84ba79113426dcecb
17dc89efec5df34a280459ffc0e27cb8467045ab
b0754afe500a24201f740ed9c023d64483ca9183fa6361d759bb329462d25344
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bWrcvZxRf.js HTTP/1.1
Host: ww1.streamcomplet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.streamcomplet.click/
Cookie: parking_session=ce9e56ee-93ef-4edb-a5e9-877e884bef7a
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 16 Aug 2024 04:42:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 33929
x-request-id: 22baf7e8-7b15-44fe-88a6-5e2709becc98
set-cookie: parking_session=ce9e56ee-93ef-4edb-a5e9-877e884bef7a; expires=Fri, 16 Aug 2024 04:57:50 GMT
POST ww1.streamcomplet.click/_fd
200 OK 5.2 kB URL POST HTTP/1.1 ww1.streamcomplet.click/_fd
IP
Requested by http://ww1.streamcomplet.click/
File type ASCII text, with very long lines (5221), with no line terminators
Hash ea4d6ff96f32767fd19405f0a9517404
abfb86653ceb066075b35c972c7aef609318c2a9
38b9680e630c14ea932685e044c1dc5fcd74b38722ab3538386e9138b9005038
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /_fd HTTP/1.1
Host: ww1.streamcomplet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.streamcomplet.click/
Content-Type: application/json
Origin: http://ww1.streamcomplet.click
DNT: 1
Connection: keep-alive
Cookie: parking_session=ce9e56ee-93ef-4edb-a5e9-877e884bef7a
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
date: Fri, 16 Aug 2024 04:42:49 GMT
content-type: application/json; charset=utf-8
content-length: 5221
x-request-id: 100dcabb-3784-45ef-8905-c5fe35070d10
set-cookie: parking_session=ce9e56ee-93ef-4edb-a5e9-877e884bef7a; expires=Fri, 16 Aug 2024 04:57:50 GMT
504 B IP
ASN #20940 Akamai International B.V.
Hash 3c14cfb85dc9ceb923d7d3c3648719d2
10ea83f83398870f50ca771216ad77bd95aa66cc
bc868b2a34fe0c66d7a2dc1754676cc4031891c797fdd23e82d135559bd82c1b
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BC868B2A34FE0C66D7A2DC1754676CC4031891C797FDD23E82D135559BD82C1B"
Last-Modified: Thu, 15 Aug 2024 09:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9060
Expires: Fri, 16 Aug 2024 07:13:50 GMT
Date: Fri, 16 Aug 2024 04:42:50 GMT
Connection: keep-alive
504 B IP
ASN #20940 Akamai International B.V.
Hash 3c14cfb85dc9ceb923d7d3c3648719d2
10ea83f83398870f50ca771216ad77bd95aa66cc
bc868b2a34fe0c66d7a2dc1754676cc4031891c797fdd23e82d135559bd82c1b
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BC868B2A34FE0C66D7A2DC1754676CC4031891C797FDD23E82D135559BD82C1B"
Last-Modified: Thu, 15 Aug 2024 09:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9060
Expires: Fri, 16 Aug 2024 07:13:50 GMT
Date: Fri, 16 Aug 2024 04:42:50 GMT
Connection: keep-alive
471 B IP
Hash 5cfd2a2a2e029e24b24994e16e0661e1
c3087ffb69bf25201ca3931424418033b962058a
6c0af69a5f0f3002a9068fe83b62998103b48267acaf80290d901adf68fc3084
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Aug 2024 04:42:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET www.google.com/adsense/domains/caf.js?abp=1&bodis=true
200 OK 56 kB URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1&bodis=true
IP
Requested by http://ww1.streamcomplet.click/
Certificate IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29
ValidityTue, 30 Jul 2024 12:50:13 GMT - Tue, 22 Oct 2024 12:50:12 GMT
File type gzip compressed data, max compression
Hash bed76f24910f5ad723196cce634ea8f8
136954cac181bd289c36deb629732cac497a090e
35e150f9c4ebbcbd27238e1dfc6c88fa90be0ee15cb5d8240ae350dc7e582079
GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.streamcomplet.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 16 Aug 2024 04:42:50 GMT
expires: Fri, 16 Aug 2024 04:42:50 GMT
cache-control: private, max-age=3600
etag: "10497243427879602522"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
472 B IP
Hash 428b4d8c535f8b80b9fdfc657d8ec1fc
2a518e4f1c0ee96e987a2a47286cc1e00544b3dd
ca71394638251cd81b8af4d6c51f9611b5f648f7287d8ca5f9df48338f9b2bd3
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Aug 2024 04:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol418%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww1.streamcomplet.click%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=2461723783370941&num=0&output=afd_ads&domain_name=ww1.streamcomplet.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1723783370943&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=662499046&rurl=http%3A%2F%2Fww1.streamcomplet.click%2F
200 OK 2.5 kB URL GET HTTP/2 syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol418%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww1.streamcomplet.click%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=2461723783370941&num=0&output=afd_ads&domain_name=ww1.streamcomplet.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1723783370943&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=662499046&rurl=http%3A%2F%2Fww1.streamcomplet.click%2F
IP
Requested by http://ww1.streamcomplet.click/
Certificate IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintC0:13:68:7E:4C:B8:86:2A:AD:FE:9B:2F:EB:17:6F:94:F1:76:26:28
ValidityTue, 30 Jul 2024 12:54:31 GMT - Tue, 22 Oct 2024 12:54:30 GMT
File type HTML document, ASCII text, with very long lines (13115)
Hash d3ed6b5511e2fe0ec285c053d98de7ba
f60d30cdfc98e8fa26708cc9d70ea7011b579892
6da44ac6d42eaf56885f764c8036b2894bfe41fee683cb37006aeb01a6251848
GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol418%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww1.streamcomplet.click%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=2461723783370941&num=0&output=afd_ads&domain_name=ww1.streamcomplet.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1723783370943&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=662499046&rurl=http%3A%2F%2Fww1.streamcomplet.click%2F HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.streamcomplet.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Fri, 16 Aug 2024 04:42:51 GMT
expires: Fri, 16 Aug 2024 04:42:51 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vI3sz5WkztJLtHaDYY6Ecg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
472 B IP
Hash 428b4d8c535f8b80b9fdfc657d8ec1fc
2a518e4f1c0ee96e987a2a47286cc1e00544b3dd
ca71394638251cd81b8af4d6c51f9611b5f648f7287d8ca5f9df48338f9b2bd3
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Aug 2024 04:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
POST ww1.streamcomplet.click/_tr
200 OK 2 B URL POST HTTP/1.1 ww1.streamcomplet.click/_tr
IP
Requested by http://ww1.streamcomplet.click/
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /_tr HTTP/1.1
Host: ww1.streamcomplet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.streamcomplet.click/
Content-Type: application/json
Content-Length: 1829
Origin: http://ww1.streamcomplet.click
DNT: 1
Connection: keep-alive
Cookie: parking_session=ce9e56ee-93ef-4edb-a5e9-877e884bef7a
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 16 Aug 2024 04:42:50 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-request-id: 9765dff9-eeab-4142-ae52-e3b092e6d05d
set-cookie: parking_session=ce9e56ee-93ef-4edb-a5e9-877e884bef7a; expires=Fri, 16 Aug 2024 04:57:51 GMT
471 B IP
Hash 669543805b473ad49af2ab3a009f7c67
a260c6a808234019b9b6be38391f63e6b4fc6424
4c952d73702457386107510ddaa0da8f8e41b383dd2b74adb36f7ee13e349f7e
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Aug 2024 04:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
471 B IP
Hash d610b442cf1f036563bacebf5abbbc8c
8a82f7a3f3848717276b4a21480db99b5cf90eb2
436a91a70ae9b69f50d454d5a369f4457ddab955f50581ec60516cbe7b19ef80
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Aug 2024 04:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
200 OK 278 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol418%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww1.streamcomplet.click%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=2461723783370941&num=0&output=afd_ads&domain_name=ww1.streamcomplet.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1723783370943&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=662499046&rurl=http%3A%2F%2Fww1.streamcomplet.click%2F
Certificate IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintA6:0A:39:C6:7C:75:70:95:1C:CC:6E:1F:5D:AF:3C:FD:47:BB:4D:A0
ValidityTue, 30 Jul 2024 12:49:08 GMT - Tue, 22 Oct 2024 12:49:07 GMT
File type SVG Scalable Vector Graphics image
Hash fe7dd8c3c629cc6e9cd6d3e4d3cbe905
59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Aug 2024 08:15:11 GMT
expires: Fri, 16 Aug 2024 07:15:11 GMT
cache-control: public, max-age=82800
age: 73660
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
200 OK 174 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
IP
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol418%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww1.streamcomplet.click%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=2461723783370941&num=0&output=afd_ads&domain_name=ww1.streamcomplet.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1723783370943&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=662499046&rurl=http%3A%2F%2Fww1.streamcomplet.click%2F
Certificate IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintA6:0A:39:C6:7C:75:70:95:1C:CC:6E:1F:5D:AF:3C:FD:47:BB:4D:A0
ValidityTue, 30 Jul 2024 12:49:08 GMT - Tue, 22 Oct 2024 12:49:07 GMT
File type SVG Scalable Vector Graphics image
Hash d47125b2ba92be53dcff07ba322ce1de
e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Aug 2024 06:03:08 GMT
expires: Fri, 16 Aug 2024 05:03:08 GMT
cache-control: public, max-age=82800
age: 81583
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
471 B IP
Hash 669543805b473ad49af2ab3a009f7c67
a260c6a808234019b9b6be38391f63e6b4fc6424
4c952d73702457386107510ddaa0da8f8e41b383dd2b74adb36f7ee13e349f7e
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Aug 2024 04:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=4efxdyic0le9&aqid=y9i-ZviSA47KxdwP_p2heQ&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=662499046&csala=3%7C0%7C257%7C60%7C18&lle=0&ifv=1&hpt=0
204 No Content 0 B URL GET HTTP/3 syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=4efxdyic0le9&aqid=y9i-ZviSA47KxdwP_p2heQ&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=662499046&csala=3%7C0%7C257%7C60%7C18&lle=0&ifv=1&hpt=0
IP
Requested by http://ww1.streamcomplet.click/
Certificate IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintC0:13:68:7E:4C:B8:86:2A:AD:FE:9B:2F:EB:17:6F:94:F1:76:26:28
ValidityTue, 30 Jul 2024 12:54:31 GMT - Tue, 22 Oct 2024 12:54:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=4efxdyic0le9&aqid=y9i-ZviSA47KxdwP_p2heQ&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=662499046&csala=3%7C0%7C257%7C60%7C18&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.streamcomplet.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PIPmJa13ZFzUF0hhiJCF2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Fri, 16 Aug 2024 04:42:52 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=uhmlfnbe2p2u&aqid=y9i-ZviSA47KxdwP_p2heQ&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=662499046&csala=3%7C0%7C257%7C60%7C18&lle=0&ifv=1&hpt=0
204 No Content 0 B URL GET HTTP/3 syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=uhmlfnbe2p2u&aqid=y9i-ZviSA47KxdwP_p2heQ&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=662499046&csala=3%7C0%7C257%7C60%7C18&lle=0&ifv=1&hpt=0
IP
Requested by http://ww1.streamcomplet.click/
Certificate IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintC0:13:68:7E:4C:B8:86:2A:AD:FE:9B:2F:EB:17:6F:94:F1:76:26:28
ValidityTue, 30 Jul 2024 12:54:31 GMT - Tue, 22 Oct 2024 12:54:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=uhmlfnbe2p2u&aqid=y9i-ZviSA47KxdwP_p2heQ&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=662499046&csala=3%7C0%7C257%7C60%7C18&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww1.streamcomplet.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-po18Ab1SRiv7Kvoem6SX6w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Fri, 16 Aug 2024 04:42:53 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET syndicatedsearch.goog/adsense/domains/caf.js
200 OK 155 kB URL GET HTTP/3 syndicatedsearch.goog/adsense/domains/caf.js
IP
Requested by https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol418%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww1.streamcomplet.click%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301511%2C17301516%2C17301266&format=r3&nocache=2461723783370941&num=0&output=afd_ads&domain_name=ww1.streamcomplet.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1723783370943&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=662499046&rurl=http%3A%2F%2Fww1.streamcomplet.click%2F
Certificate IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintC0:13:68:7E:4C:B8:86:2A:AD:FE:9B:2F:EB:17:6F:94:F1:76:26:28
ValidityTue, 30 Jul 2024 12:54:31 GMT - Tue, 22 Oct 2024 12:54:30 GMT
File type JavaScript source, ASCII text, with very long lines (2250)
Size 155 kB (154799 bytes)
Hash aaa1212c6e8b0cf719da6869db74b9f3
6e032cf9ad1af40b282d28b3823f9922758ec970
875d240f2306366f9840c39fa7e6009b7fa970ddc471b0a8a6670b947470658d
GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 16 Aug 2024 04:42:51 GMT
expires: Fri, 16 Aug 2024 04:42:51 GMT
cache-control: private, max-age=3600
etag: "17562436979687453625"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
74.63.241.28
23.33.119.27