75.2.11.242 5.9 kB IP 75.2.11.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1331)
Hash 40e1374796901c0b6d5602ef58bf8f25
33d2d6c9eba46b75915610c319142de3d63a9795
059bf669b8b9d67fd797a78bb0fa5c26656c26b886b1f2d6cecf60b7421553c0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: ww38.hua11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 14:17:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket003
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hjEIeCupUmeFqxj6Isgng2s/s9hrBmpLlGexdnQwt97QpAEtMahntbYUOh+3RORimq328kKBiKJtRt4ZH2q7ZQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: hua11.top
X-Subdomain: ww38
Content-Encoding: gzip
75.2.11.242 5.9 kB IP 75.2.11.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1331)
Hash 9210986d92f52781479347523ab8de8b
6d5b4d2014bd7cd77923b9079c0d4e35fc179725
9b483c7ef6ef42e27fd236b8c1727ac6046b17357b15750451c22d348b97a927
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: ww38.hua11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 14:17:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket003
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hjEIeCupUmeFqxj6Isgng2s/s9hrBmpLlGexdnQwt97QpAEtMahntbYUOh+3RORimq328kKBiKJtRt4ZH2q7ZQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: hua11.top
X-Subdomain: ww38
Content-Encoding: gzip
www.google.com/adsense/domains/caf.js?abp=1
216.58.207.228200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1
IP 216.58.207.228:80
File type ASCII text, with very long lines (2125)
Hash da164cef33fd4a0df4a5de9ced439093
25afb132729b296c0653741bed4bf878fc6503fe
7a13d3dbc5351b4ff3d54582f1f1a56f9010ba7a7f50a5bb77fd546b1d6fa79d
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 10 Jun 2023 14:17:36 GMT
Expires: Sat, 10 Jun 2023 14:17:36 GMT
Cache-Control: private, max-age=3600
ETag: "5248816218383037191"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL GET HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:80
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Jun 2023 14:17:37 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
ww38.hua11.top/track.php?domain=hua11.top&toggle=browserjs&uid=MTY4NjQwNjY1Ni44MDY4OjkwZWE0MjhiMzFhMjQ3ZTUyNTJjMzM3MzkwM2RmMTJmNDQwMDIxNTAxMTViMzJkYzAxYWI5MjUzNjA4ZjdiNmQ6NjQ4NDg2MDBjNGY2ZQ%3D%3D
75.2.11.242200 OK 20 B URL GET HTTP/1.1 ww38.hua11.top/track.php?domain=hua11.top&toggle=browserjs&uid=MTY4NjQwNjY1Ni44MDY4OjkwZWE0MjhiMzFhMjQ3ZTUyNTJjMzM3MzkwM2RmMTJmNDQwMDIxNTAxMTViMzJkYzAxYWI5MjUzNjA4ZjdiNmQ6NjQ4NDg2MDBjNGY2ZQ%3D%3D
IP 75.2.11.242:80
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=hua11.top&toggle=browserjs&uid=MTY4NjQwNjY1Ni44MDY4OjkwZWE0MjhiMzFhMjQ3ZTUyNTJjMzM3MzkwM2RmMTJmNDQwMDIxNTAxMTViMzJkYzAxYWI5MjUzNjA4ZjdiNmQ6NjQ4NDg2MDBjNGY2ZQ%3D%3D HTTP/1.1
Host: ww38.hua11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 14:17:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 648d86782bde8cdad1f84871db069b8b
0bbf16e28ab151906a446efd842b6e74ea80754d
39fee46d2df5b8a7024f2a8a5ab7eee986e6fd12589006df57c75b08bf812c4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 14:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.22200 OK 11 kB URL GET HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.22:80
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Sat, 10 Jun 2023 01:25:10 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BRWhcE9WPEMWh9v3YGDVHb7SlDTeDq3Cc7vgcZ80ox9dYvtsHoHpmA==
Age: 46347
ww38.hua11.top/ls.php?t=64848600&token=16c70c5113bc3f04383d8b39560ca9f67dc96e6d
75.2.11.242201 Created 16 B URL GET HTTP/1.1 ww38.hua11.top/ls.php?t=64848600&token=16c70c5113bc3f04383d8b39560ca9f67dc96e6d
IP 75.2.11.242:80
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=64848600&token=16c70c5113bc3f04383d8b39560ca9f67dc96e6d HTTP/1.1
Host: ww38.hua11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 14:17:37 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 648486015d839c32177bb441
Charset: utf-8
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_KfAQEkBKx1K4/sCVZEwNz4CH5MQk5/cyfHE8tUgOAWqTFt8W2uZ6sgLsHCUVw/+xiVRkMXvri8ECgXwyjfuziw==
www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.hua11.top%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDg0ODYwMGM0ZjU0fHx8MTY4NjQwNjY1Ni44MTc5fDAxZGJiYmE4ZmRhMmJlNTE4OWFkOTQwNWQ3N2JkN2M4MmNlMDM5NTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDE2YzcwYzUxMTNiYzNmMDQzODNkOGIzOTU2MGNhOWY2N2RjOTZlNmR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C72281503%2C72281504&format=r3%7Cs&nocache=2711686406656636&num=0&output=afd_ads&domain_name=ww38.hua11.top&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686406656638&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=537871741&uio=--&cont=tc&jsid=caf&jsv=537871741&rurl=http%3A%2F%2Fww38.hua11.top%2F&adbw=master-1%3A530
216.58.207.228200 OK 2.5 kB URL GET HTTP/2 www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.hua11.top%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDg0ODYwMGM0ZjU0fHx8MTY4NjQwNjY1Ni44MTc5fDAxZGJiYmE4ZmRhMmJlNTE4OWFkOTQwNWQ3N2JkN2M4MmNlMDM5NTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDE2YzcwYzUxMTNiYzNmMDQzODNkOGIzOTU2MGNhOWY2N2RjOTZlNmR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C72281503%2C72281504&format=r3%7Cs&nocache=2711686406656636&num=0&output=afd_ads&domain_name=ww38.hua11.top&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686406656638&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=537871741&uio=--&cont=tc&jsid=caf&jsv=537871741&rurl=http%3A%2F%2Fww38.hua11.top%2F&adbw=master-1%3A530
IP 216.58.207.228:443
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6223)
Hash 4ea38f8101a95653913ff788370e309d
674661017b8b44ccd39b79202ea66a5e65bf2bec
983fe93fefef0aa6658a86c01a9407d82b69a2f472b476d8f95b663aeefb4398
GET /afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.hua11.top%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDg0ODYwMGM0ZjU0fHx8MTY4NjQwNjY1Ni44MTc5fDAxZGJiYmE4ZmRhMmJlNTE4OWFkOTQwNWQ3N2JkN2M4MmNlMDM5NTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDE2YzcwYzUxMTNiYzNmMDQzODNkOGIzOTU2MGNhOWY2N2RjOTZlNmR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C72281503%2C72281504&format=r3%7Cs&nocache=2711686406656636&num=0&output=afd_ads&domain_name=ww38.hua11.top&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686406656638&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=537871741&uio=--&cont=tc&jsid=caf&jsv=537871741&rurl=http%3A%2F%2Fww38.hua11.top%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 10 Jun 2023 14:17:37 GMT
expires: Sat, 10 Jun 2023 14:17:37 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ChQLjXezgXAUhyPZFvZ3GQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2516
x-xss-protection: 0
set-cookie: CONSENT=PENDING+985; expires=Mon, 09-Jun-2025 14:17:37 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ce0035936997c1555b1ff99d49eea795
fedb6b2dee2b19d5bd44b3d9e7a46dc73bb7fbf9
415ab7d7536068e0e69ddff28adcf77c8e254c56abcdeb4967dcb6d2b3cc6cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 14:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww38.hua11.top/favicon.ico
75.2.11.242200 OK 0 B URL GET HTTP/1.1 ww38.hua11.top/favicon.ico
IP 75.2.11.242:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww38.hua11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 14:17:37 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8748a0f3e1abe3ad036cf9ee28b3d124
44e7298258e112896ee66a631873bdfe6dda3132
b24f245b43de6a0328dfef752fdcf83766d66c475d08b463c062e6202c2121da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 14:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
142.250.74.97200 OK 270 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.hua11.top%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDg0ODYwMGM0ZjU0fHx8MTY4NjQwNjY1Ni44MTc5fDAxZGJiYmE4ZmRhMmJlNTE4OWFkOTQwNWQ3N2JkN2M4MmNlMDM5NTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDE2YzcwYzUxMTNiYzNmMDQzODNkOGIzOTU2MGNhOWY2N2RjOTZlNmR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C72281503%2C72281504&format=r3%7Cs&nocache=2711686406656636&num=0&output=afd_ads&domain_name=ww38.hua11.top&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686406656638&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=537871741&uio=--&cont=tc&jsid=caf&jsv=537871741&rurl=http%3A%2F%2Fww38.hua11.top%2F&adbw=master-1%3A530
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintAC:83:32:AA:E9:4D:2F:A2:F2:C9:F0:F3:7B:98:49:1B:5B:DE:7E:44
ValidityFri, 19 May 2023 12:57:31 GMT - Fri, 11 Aug 2023 12:57:30 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 8959ddcd9712196961d93f58064ed655
62ab1e38e7e9fbf58a04381b76c2d96a9c829f24
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 10 Jun 2023 12:12:59 GMT
expires: Sun, 11 Jun 2023 11:12:59 GMT
cache-control: public, max-age=82800
age: 7478
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8748a0f3e1abe3ad036cf9ee28b3d124
44e7298258e112896ee66a631873bdfe6dda3132
b24f245b43de6a0328dfef752fdcf83766d66c475d08b463c062e6202c2121da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 14:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
216.58.207.228200 OK 54 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP 216.58.207.228:443
Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.hua11.top%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDg0ODYwMGM0ZjU0fHx8MTY4NjQwNjY1Ni44MTc5fDAxZGJiYmE4ZmRhMmJlNTE4OWFkOTQwNWQ3N2JkN2M4MmNlMDM5NTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDE2YzcwYzUxMTNiYzNmMDQzODNkOGIzOTU2MGNhOWY2N2RjOTZlNmR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C72281503%2C72281504&format=r3%7Cs&nocache=2711686406656636&num=0&output=afd_ads&domain_name=ww38.hua11.top&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686406656638&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=537871741&uio=--&cont=tc&jsid=caf&jsv=537871741&rurl=http%3A%2F%2Fww38.hua11.top%2F&adbw=master-1%3A530
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2125)
Hash 65b6a6ef9f39e4a2bd1c447f8efd803e
f20dbc45bb4e6de0d21dd2eb50c30a8689560c1c
17f0f044579fc1908d715e8c274e9ab75fef8d4995cceb1057e7abe2cd12f0b5
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 10 Jun 2023 14:17:37 GMT
expires: Sat, 10 Jun 2023 14:17:37 GMT
cache-control: private, max-age=3600
etag: "1734129515357605405"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8748a0f3e1abe3ad036cf9ee28b3d124
44e7298258e112896ee66a631873bdfe6dda3132
b24f245b43de6a0328dfef752fdcf83766d66c475d08b463c062e6202c2121da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 14:17:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww38.hua11.top/track.php?domain=hua11.top&caf=1&toggle=answercheck&answer=yes&uid=MTY4NjQwNjY1Ni44MDY4OjkwZWE0MjhiMzFhMjQ3ZTUyNTJjMzM3MzkwM2RmMTJmNDQwMDIxNTAxMTViMzJkYzAxYWI5MjUzNjA4ZjdiNmQ6NjQ4NDg2MDBjNGY2ZQ%3D%3D
75.2.11.242200 OK 20 B URL GET HTTP/1.1 ww38.hua11.top/track.php?domain=hua11.top&caf=1&toggle=answercheck&answer=yes&uid=MTY4NjQwNjY1Ni44MDY4OjkwZWE0MjhiMzFhMjQ3ZTUyNTJjMzM3MzkwM2RmMTJmNDQwMDIxNTAxMTViMzJkYzAxYWI5MjUzNjA4ZjdiNmQ6NjQ4NDg2MDBjNGY2ZQ%3D%3D
IP 75.2.11.242:80
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=hua11.top&caf=1&toggle=answercheck&answer=yes&uid=MTY4NjQwNjY1Ni44MDY4OjkwZWE0MjhiMzFhMjQ3ZTUyNTJjMzM3MzkwM2RmMTJmNDQwMDIxNTAxMTViMzJkYzAxYWI5MjUzNjA4ZjdiNmQ6NjQ4NDg2MDBjNGY2ZQ%3D%3D HTTP/1.1
Host: ww38.hua11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 14:17:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=1apq28rq5abt&aqid=AYaEZNyGFYvCYeK0q4AI&psid=8676772880&pbt=bs&adbx=375&adby=132&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=537871741&csala=12%7C0%7C290%7C164%7C222&lle=0&ifv=1&usr=1
216.58.207.228204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=1apq28rq5abt&aqid=AYaEZNyGFYvCYeK0q4AI&psid=8676772880&pbt=bs&adbx=375&adby=132&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=537871741&csala=12%7C0%7C290%7C164%7C222&lle=0&ifv=1&usr=1
IP 216.58.207.228:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=1apq28rq5abt&aqid=AYaEZNyGFYvCYeK0q4AI&psid=8676772880&pbt=bs&adbx=375&adby=132&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=537871741&csala=12%7C0%7C290%7C164%7C222&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-q_Zu-1pMKmiluEpge9BVGg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 10 Jun 2023 14:17:39 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=iYG4AhCDVkUOr4Y9Cp3CF94Kj0Rw6ufVXfMEdEQHpm1eJzEfx9ToW2-hmQLZrNLuIGi4nEHD5VOftKg4L5OYH9E5JXCb93pLIxWlOd06eC0zDaA07xe86irKy12KpKoMjdD3fpQG_lYZOR2mm0btj7cBUyrcHPdSVIrfj5LeRTU; expires=Sun, 10-Dec-2023 14:17:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+536; expires=Mon, 09-Jun-2025 14:17:39 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=3zotmhlj73s8&aqid=AYaEZNyGFYvCYeK0q4AI&psid=8676772880&pbt=bv&adbx=375&adby=132&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=537871741&csala=12%7C0%7C290%7C164%7C222&lle=0&ifv=1&usr=1
216.58.207.228204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=3zotmhlj73s8&aqid=AYaEZNyGFYvCYeK0q4AI&psid=8676772880&pbt=bv&adbx=375&adby=132&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=537871741&csala=12%7C0%7C290%7C164%7C222&lle=0&ifv=1&usr=1
IP 216.58.207.228:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=3zotmhlj73s8&aqid=AYaEZNyGFYvCYeK0q4AI&psid=8676772880&pbt=bv&adbx=375&adby=132&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=537871741&csala=12%7C0%7C290%7C164%7C222&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww38.hua11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-34aQ-QWbWLULdHK5FBf4FQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 10 Jun 2023 14:17:39 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=UQdS_sIRnny8Ur7fbj3snZstkK87WfwzU98zFLsjKiZfhwsKdmzye-66-WGhfH01XJHqlSxgBv-u5p09XQDnMp_TJfFlS5v-BhH1sFly-aO2GqCoNDrntKzhh5VKL3iMM7HEVwFxLy9OPbJWsYjwz-yd9MmgEt_KCoSj6LgxsRQ; expires=Sun, 10-Dec-2023 14:17:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+984; expires=Mon, 09-Jun-2025 14:17:39 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.97200 OK 200 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.hua11.top%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NDg0ODYwMGM0ZjU0fHx8MTY4NjQwNjY1Ni44MTc5fDAxZGJiYmE4ZmRhMmJlNTE4OWFkOTQwNWQ3N2JkN2M4MmNlMDM5NTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDE2YzcwYzUxMTNiYzNmMDQzODNkOGIzOTU2MGNhOWY2N2RjOTZlNmR8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C72281503%2C72281504&format=r3%7Cs&nocache=2711686406656636&num=0&output=afd_ads&domain_name=ww38.hua11.top&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686406656638&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=795&frm=0&cl=537871741&uio=--&cont=tc&jsid=caf&jsv=537871741&rurl=http%3A%2F%2Fww38.hua11.top%2F&adbw=master-1%3A530
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintAC:83:32:AA:E9:4D:2F:A2:F2:C9:F0:F3:7B:98:49:1B:5B:DE:7E:44
ValidityFri, 19 May 2023 12:57:31 GMT - Fri, 11 Aug 2023 12:57:30 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 592bbd56abac313ab322bc38f7027496
ecc40e55421cbfc9cc24e256c999a497b84d997f
fe3a1073d51df0f353dfa771acde9ea020e215a74edf7b24775e50282b6d6eda
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 10 Jun 2023 12:41:57 GMT
expires: Sun, 11 Jun 2023 11:41:57 GMT
cache-control: public, max-age=82800
age: 5740
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2