200 OK 5.7 kB URL User Request GET HTTP/1.1 IP
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1197)
Hash 151be9dda0c2bf25603550e2a78d9bbd
3f0cecd69d4a0d6d86438f910674a7676f694f98
bc7339965ad921c029e31b6f506b33b5f458107abdd2b711180bf647751ecd6f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: teitter.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 09:28:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Buckets: bucket060
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ArvqptIpaMBMPMVGXPO76XOPNuYnfw09yxDgl2IpdjYQPF7GA5jf/kCZQ2Wg+iIv914oWI0IwH9g4NLBP5QHUg==
X-Template: tpl_Regnitz_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: teitter.it
X-Subdomain:
Content-Encoding: gzip
www.google.com/adsense/domains/caf.js?abp=1
200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1
IP
File type ASCII text, with very long lines (2193)
Hash 8ea24b667d725488378a72e8c72a80b8
489e9d47ba56f2058eefbaf8548ba4e98fbb942e
916c5a6391da3a04cebc4531104bf6aca12105d7484227a9a0f91127ea3d5059
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://teitter.it/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sun, 16 Apr 2023 09:28:10 GMT
Expires: Sun, 16 Apr 2023 09:28:10 GMT
Cache-Control: private, max-age=3600
ETag: "12919843540965609039"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
teitter.it/track.php?domain=teitter.it&toggle=browserjs&uid=MTY4MTYzNzI5MC4zNDQ3OjQ5ZGY4ZjlhMTg4YWFkNmMwZTFkZGUwZDA5ZGVjM2JkMzBkOTU5ODdjNzZkM2ZkYmZhYTk4MTFiNWRjNjhkYmM6NjQzYmJmYWE1NDI2MA%3D%3D
200 OK 20 B URL GET HTTP/1.1 teitter.it/track.php?domain=teitter.it&toggle=browserjs&uid=MTY4MTYzNzI5MC4zNDQ3OjQ5ZGY4ZjlhMTg4YWFkNmMwZTFkZGUwZDA5ZGVjM2JkMzBkOTU5ODdjNzZkM2ZkYmZhYTk4MTFiNWRjNjhkYmM6NjQzYmJmYWE1NDI2MA%3D%3D
IP
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=teitter.it&toggle=browserjs&uid=MTY4MTYzNzI5MC4zNDQ3OjQ5ZGY4ZjlhMTg4YWFkNmMwZTFkZGUwZDA5ZGVjM2JkMzBkOTU5ODdjNzZkM2ZkYmZhYTk4MTFiNWRjNjhkYmM6NjQzYmJmYWE1NDI2MA%3D%3D HTTP/1.1
Host: teitter.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://teitter.it/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 09:28:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket060&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fteitter.it%2F%3Fts%3DfFJlZ25pdHp8fDMyYjU1fGJ1Y2tldDA2MHx8fHx8fDY0M2JiZmFhNTQyNDR8fHwxNjgxNjM3MjkwLjM1MTN8Yjk3YmQ2MjExM2VlNjM2MWI0ZDc1ODM1YjNhOGQyNWMzNjBjYTZjM3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8ZXlKemRIbHNaVWxrSWpvaUlEZzJOelkzTnpJNE9EQWlmUT09fHwxfFcxMD18ZWYwMzRjN2FhYzIyMDg2OGRjYzAyNWQ5NjU4MDc5NzcxNzFkNmU4MXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2819586786884488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7981681637385581&num=0&output=afd_ads&domain_name=teitter.it&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681637385583&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fteitter.it%2F&adbw=master-1%3A530
200 OK 2.5 kB URL GET HTTP/2 www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket060&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fteitter.it%2F%3Fts%3DfFJlZ25pdHp8fDMyYjU1fGJ1Y2tldDA2MHx8fHx8fDY0M2JiZmFhNTQyNDR8fHwxNjgxNjM3MjkwLjM1MTN8Yjk3YmQ2MjExM2VlNjM2MWI0ZDc1ODM1YjNhOGQyNWMzNjBjYTZjM3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8ZXlKemRIbHNaVWxrSWpvaUlEZzJOelkzTnpJNE9EQWlmUT09fHwxfFcxMD18ZWYwMzRjN2FhYzIyMDg2OGRjYzAyNWQ5NjU4MDc5NzcxNzFkNmU4MXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2819586786884488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7981681637385581&num=0&output=afd_ads&domain_name=teitter.it&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681637385583&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fteitter.it%2F&adbw=master-1%3A530
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6099)
Hash eb3adaa83248f2c30f47c5d0b7311084
5f98ddfee98b1e28ae8572a788dc828c3989aa37
b3e05e585991684d7174a12bbfa2f2405754de8ad6d995bccba184ce018a08b4
GET /afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket060&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fteitter.it%2F%3Fts%3DfFJlZ25pdHp8fDMyYjU1fGJ1Y2tldDA2MHx8fHx8fDY0M2JiZmFhNTQyNDR8fHwxNjgxNjM3MjkwLjM1MTN8Yjk3YmQ2MjExM2VlNjM2MWI0ZDc1ODM1YjNhOGQyNWMzNjBjYTZjM3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8ZXlKemRIbHNaVWxrSWpvaUlEZzJOelkzTnpJNE9EQWlmUT09fHwxfFcxMD18ZWYwMzRjN2FhYzIyMDg2OGRjYzAyNWQ5NjU4MDc5NzcxNzFkNmU4MXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2819586786884488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7981681637385581&num=0&output=afd_ads&domain_name=teitter.it&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681637385583&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fteitter.it%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://teitter.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sun, 16 Apr 2023 09:28:10 GMT
expires: Sun, 16 Apr 2023 09:28:10 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fDOQdOAx5skbbpgVy0Xlqw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 2478
x-xss-protection: 0
set-cookie: NID=511=VYBJVVZj-9q-wOWqdgXxUaJgB_9V7wrceHFxl_KHyflCcv9mSh26Z7ITarF64c1foRbs0SlsR9BM7wkdN0bFZxy1h0AgliTh1CAfJi0oIiDWUN4m1LFfMcpqS70PsE0dzPZMk-LIG86yn6od83fHUFcMgS8F8X64silFoZq0YZI; expires=Mon, 16-Oct-2023 09:28:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+521; expires=Tue, 15-Apr-2025 09:28:10 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d38psrni17bvxu.cloudfront.net/themes/regnitz_0f823431/img/arrows.png
200 OK 11 kB URL GET HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/regnitz_0f823431/img/arrows.png
IP
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/regnitz_0f823431/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://teitter.it/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Sat, 15 Apr 2023 15:21:58 GMT
Last-Modified: Fri, 25 Feb 2022 11:24:01 GMT
Accept-Ranges: bytes
ETag: "6218bc51-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: ZY6O9SdQO2Ryggq2rjOZsHojlJ9jcjhmTFf0ValxY4JbrE8oL1GJgw==
Age: 65172
partner.googleadservices.com/gampad/cookie.js?domain=teitter.it&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
200 OK 239 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=teitter.it&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint4B:CB:DB:D2:14:E4:F5:46:FA:69:7D:5D:7F:77:3E:7B:A4:87:E2:E7
ValidityTue, 28 Mar 2023 16:51:59 GMT - Tue, 20 Jun 2023 16:51:58 GMT
File type ASCII text, with very long lines (360), with no line terminators
Hash 92c6551e5d6d5e1a484a5cfe91c165fd
84ecc92abc2ee33fbb1a6eb1f28c2ed6cc54a01f
57118330582361a3300584d5251071386aecdcdaa918fab59c9f5e4db2c22df6
GET /gampad/cookie.js?domain=teitter.it&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://teitter.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 16 Apr 2023 09:28:10 GMT
server: cafe
cache-control: private
content-length: 239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
teitter.it/favicon.ico
200 OK 0 B IP
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: teitter.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://teitter.it/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 09:28:10 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
teitter.it/ls.php?t=643bbfaa&token=ef034c7aac220868dcc025d965807977171d6e81
201 Created 16 B URL GET HTTP/1.1 teitter.it/ls.php?t=643bbfaa&token=ef034c7aac220868dcc025d965807977171d6e81
IP
ASN #61969 Team Internet AG
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=643bbfaa&token=ef034c7aac220868dcc025d965807977171d6e81 HTTP/1.1
Host: teitter.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://teitter.it/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Server: nginx
Date: Sun, 16 Apr 2023 09:28:10 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 643bbfaa43c9030d612cae41
Charset: utf-8
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ToLIcLUIPT0/YpRFj2hR0RRq3SbhOlTHND4cZEZxRrWxlfeFomCI+BpHq4zFQGA19Kr08CXWUUhnRj69tZwT2A==
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
200 OK 270 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket060&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fteitter.it%2F%3Fts%3DfFJlZ25pdHp8fDMyYjU1fGJ1Y2tldDA2MHx8fHx8fDY0M2JiZmFhNTQyNDR8fHwxNjgxNjM3MjkwLjM1MTN8Yjk3YmQ2MjExM2VlNjM2MWI0ZDc1ODM1YjNhOGQyNWMzNjBjYTZjM3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8ZXlKemRIbHNaVWxrSWpvaUlEZzJOelkzTnpJNE9EQWlmUT09fHwxfFcxMD18ZWYwMzRjN2FhYzIyMDg2OGRjYzAyNWQ5NjU4MDc5NzcxNzFkNmU4MXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2819586786884488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7981681637385581&num=0&output=afd_ads&domain_name=teitter.it&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681637385583&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fteitter.it%2F&adbw=master-1%3A530
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 06:36:20 GMT
expires: Mon, 17 Apr 2023 05:36:20 GMT
cache-control: public, max-age=82800
age: 10311
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP
Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket060&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fteitter.it%2F%3Fts%3DfFJlZ25pdHp8fDMyYjU1fGJ1Y2tldDA2MHx8fHx8fDY0M2JiZmFhNTQyNDR8fHwxNjgxNjM3MjkwLjM1MTN8Yjk3YmQ2MjExM2VlNjM2MWI0ZDc1ODM1YjNhOGQyNWMzNjBjYTZjM3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8ZXlKemRIbHNaVWxrSWpvaUlEZzJOelkzTnpJNE9EQWlmUT09fHwxfFcxMD18ZWYwMzRjN2FhYzIyMDg2OGRjYzAyNWQ5NjU4MDc5NzcxNzFkNmU4MXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2819586786884488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7981681637385581&num=0&output=afd_ads&domain_name=teitter.it&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681637385583&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fteitter.it%2F&adbw=master-1%3A530
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with very long lines (2193)
Hash e72acdd980d5e2ccf883e9c8ffee371c
c9a867e5d1ae0ef88523c507be5855a4264e1997
ff2efeb13f7601808f12d4bb3a0ff7b8c771040c20a49b56ce63bd720a6f66e1
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sun, 16 Apr 2023 09:28:10 GMT
expires: Sun, 16 Apr 2023 09:28:10 GMT
cache-control: private, max-age=3600
etag: "3306294254359549879"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
teitter.it/track.php?domain=teitter.it&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTYzNzI5MC4zNDQ3OjQ5ZGY4ZjlhMTg4YWFkNmMwZTFkZGUwZDA5ZGVjM2JkMzBkOTU5ODdjNzZkM2ZkYmZhYTk4MTFiNWRjNjhkYmM6NjQzYmJmYWE1NDI2MA%3D%3D
200 OK 20 B URL GET HTTP/1.1 teitter.it/track.php?domain=teitter.it&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTYzNzI5MC4zNDQ3OjQ5ZGY4ZjlhMTg4YWFkNmMwZTFkZGUwZDA5ZGVjM2JkMzBkOTU5ODdjNzZkM2ZkYmZhYTk4MTFiNWRjNjhkYmM6NjQzYmJmYWE1NDI2MA%3D%3D
IP
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=teitter.it&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTYzNzI5MC4zNDQ3OjQ5ZGY4ZjlhMTg4YWFkNmMwZTFkZGUwZDA5ZGVjM2JkMzBkOTU5ODdjNzZkM2ZkYmZhYTk4MTFiNWRjNjhkYmM6NjQzYmJmYWE1NDI2MA%3D%3D HTTP/1.1
Host: teitter.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://teitter.it/
Cookie: __gsas=ID=59cae877176d9780:T=1681637290:S=ALNI_MbsHfmeVuwBmVPi9TiYl-9l2GEvnQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 09:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=29ssvy8can9&aqid=qr87ZP_gK7mViM0P-_6sgAQ&psid=8676772880&pbt=bs&adbx=375&adby=129&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=21%7C0%7C336%7C127%7C229&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=29ssvy8can9&aqid=qr87ZP_gK7mViM0P-_6sgAQ&psid=8676772880&pbt=bs&adbx=375&adby=129&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=21%7C0%7C336%7C127%7C229&lle=0&ifv=1&usr=1
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=29ssvy8can9&aqid=qr87ZP_gK7mViM0P-_6sgAQ&psid=8676772880&pbt=bs&adbx=375&adby=129&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=21%7C0%7C336%7C127%7C229&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://teitter.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fmWZ9Cs8vn9uAboCNZFd7Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 16 Apr 2023 09:28:12 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=RYOJgefIrFzF0BpzbZtx1Kht5UXD-sTEMuopXI9_cYF4qzRhA9jXbCrd1pdEKGyAFO4e7tiSN_A5FXqR3GRRgtTejE6pCCF9numTmunHDMS-BOze4WjobJHWPP73DyeU3YwlSvku9AGjWDQXOiQ9F7qf2Xp2LtHJFl8mh6HLffc; expires=Mon, 16-Oct-2023 09:28:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+207; expires=Tue, 15-Apr-2025 09:28:12 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=xgjlls3xi08&aqid=qr87ZP_gK7mViM0P-_6sgAQ&psid=8676772880&pbt=bv&adbx=375&adby=129&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=21%7C0%7C336%7C127%7C229&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=xgjlls3xi08&aqid=qr87ZP_gK7mViM0P-_6sgAQ&psid=8676772880&pbt=bv&adbx=375&adby=129&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=21%7C0%7C336%7C127%7C229&lle=0&ifv=1&usr=1
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=xgjlls3xi08&aqid=qr87ZP_gK7mViM0P-_6sgAQ&psid=8676772880&pbt=bv&adbx=375&adby=129&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=21%7C0%7C336%7C127%7C229&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://teitter.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-TBQpaJNVP4JM5nrzunKp_Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 16 Apr 2023 09:28:13 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=JRPO2T0cLa4_vBokJcsfuJdnipUAmzWIO3CEEXoQaLD0jr2gwHy5MT94AFyzIR1emIbWlyVP6Fyh4Bopeze5Qf0ALrJ6pR1b8C51RorH88_Cnlkbt0UrdZOafLvy7aZ4ANNoKhuqkaHCVfAFRt7e12KhQZLS7b_HrichX8Dh3ac; expires=Mon, 16-Oct-2023 09:28:13 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+682; expires=Tue, 15-Apr-2025 09:28:13 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
200 OK 200 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket060&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fteitter.it%2F%3Fts%3DfFJlZ25pdHp8fDMyYjU1fGJ1Y2tldDA2MHx8fHx8fDY0M2JiZmFhNTQyNDR8fHwxNjgxNjM3MjkwLjM1MTN8Yjk3YmQ2MjExM2VlNjM2MWI0ZDc1ODM1YjNhOGQyNWMzNjBjYTZjM3x8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8ZXlKemRIbHNaVWxrSWpvaUlEZzJOelkzTnpJNE9EQWlmUT09fHwxfFcxMD18ZWYwMzRjN2FhYzIyMDg2OGRjYzAyNWQ5NjU4MDc5NzcxNzFkNmU4MXwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHwwfDA%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2819586786884488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7981681637385581&num=0&output=afd_ads&domain_name=teitter.it&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681637385583&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fteitter.it%2F&adbw=master-1%3A530
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 592bbd56abac313ab322bc38f7027496
ecc40e55421cbfc9cc24e256c999a497b84d997f
fe3a1073d51df0f353dfa771acde9ea020e215a74edf7b24775e50282b6d6eda
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 05:22:59 GMT
expires: Mon, 17 Apr 2023 04:22:59 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 14712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
185.53.177.10
216.58.207.228