162.255.119.65302 Found 48 B URL User Request GET HTTP/1.1 IP 162.255.119.65:80
File type HTML document, ASCII text
Hash 7222d726cfaa8aba3d6abf2ea3c1612d
ce48bf570cee91c43b7097cd41ce264d22e63463
0023b679b596a214f0fefff60c90696231cddeaa41e8225a83edfb8b17100740
NIDS Severity Alert suricata low ET INFO Namecheap URL Forward
GET / HTTP/1.1
Host: slapback.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 16 Apr 2023 14:20:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 48
Connection: keep-alive
Location: http://www.slapback.shop/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
198.54.117.212200 OK 1.9 kB URL User Request GET HTTP/1.1 IP 198.54.117.212:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (319), with CRLF line terminators
Hash 598abb3fa7454166168a8421e7717fe3
0ac86b3d1874ce7d8ff27fde87cba983fe6c0a7e
6c26dfcc91903ce58faab0e1d859f9780e00103236fefd25bb3499f7be959e0a
GET / HTTP/1.1
Host: www.slapback.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Apr 2023 14:20:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: namecheap-nginx
X-CST: HIT, MISS
Allow: GET, HEAD
Content-Encoding: gzip
i.cdnpark.com/themes/assets/style.css
65.9.55.58200 OK 359 B URL GET HTTP/1.1 i.cdnpark.com/themes/assets/style.css
IP 65.9.55.58:80
Requested by http://www.slapback.shop/
Hash 032ec25397c92f462776dcb9e6267c69
8920951fd2a5222d0776954873d3e94f2a910954
169fcc59cf94c77a091e2c55daef50b28332bf78508bf8555bb93a1e7342479f
GET /themes/assets/style.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 28 Nov 2022 10:41:35 GMT
Content-Encoding: gzip
Date: Sun, 16 Apr 2023 01:14:28 GMT
ETag: W/"6384905f-37c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0dbf67e262a6295e9e8f6570f9aae7e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: iPoqOmwlNri-oq6UV3KsXCX72KVNuO4vlP6IvajlXl3ktGwLTG2UzA==
Age: 47143
i.cdnpark.com/themes/registrar/style_namecheap.css
65.9.55.58200 OK 1.8 kB URL GET HTTP/1.1 i.cdnpark.com/themes/registrar/style_namecheap.css
IP 65.9.55.58:80
Requested by http://www.slapback.shop/
File type ASCII text, with very long lines (1313)
Hash 32662929dadf9b5a995b6a0b8106eeeb
1d8b6574edf5e05a28e5c74a6bd7359da35347a9
41a5e25c7119b26620ac929ad752b94086f5ca9fbbbf26e35af807eb4bfe2941
GET /themes/registrar/style_namecheap.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 17:20:59 GMT
ETag: W/"5ebab1f0-fa0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d30a7800f939c215cded21c657c43fc8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: qgXG5GI1iX1qDCbKRY4Ul3l0i2Wj1WGCaBx_Jzwq688BxELTri7U4g==
Age: 75572
i.cdnpark.com/themes/registrar/images/logo_namecheap.png
65.9.55.58200 OK 4.9 kB URL GET HTTP/1.1 i.cdnpark.com/themes/registrar/images/logo_namecheap.png
IP 65.9.55.58:80
Requested by http://www.slapback.shop/
File type PNG image data, 260 x 60, 8-bit colormap, non-interlaced\012- data
Hash 24cfc82dfacb3ecc2e1ba6600391576d
49eaca85596996a749c9d7407189fdb86845667e
903046ac1355826e49c089ca2dd88c720bff908adb1760ee6e1884755b6041f1
GET /themes/registrar/images/logo_namecheap.png HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4917
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
Date: Sun, 16 Apr 2023 08:15:53 GMT
ETag: "5ebab1f0-1335"
X-Cache: Hit from cloudfront
Via: 1.1 0dbf67e262a6295e9e8f6570f9aae7e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: rGxcOPl4fNdNb-9fQFy77T_bAD9ELvzpIYTMmlN0wgl53Z5Ir52Jsw==
Age: 21883
parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.slapback.shop&_t=1681654909832
185.53.179.29200 OK 3.6 kB URL GET HTTP/1.1 parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.slapback.shop&_t=1681654909832
IP 185.53.179.29:80
ASN #61969 Team Internet AG
Requested by http://www.slapback.shop/
File type HTML document, ASCII text, with very long lines (2981)
Hash 712655de6592c09c165905a198ae4ffd
25d5d8a4114d92815c2ca9dfdf900c3feafaa725
cf556ae2403babf5bf0559449818b2075961f2792f1edae5363946c7b7cb96f5
GET /jsparkcaf.php?regcn=243142&_v=2&_h=www.slapback.shop&_t=1681654909832 HTTP/1.1
Host: parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 14:20:11 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Language: norwegian
X-Domain: slapback.shop
X-Subdomain: www
X-Template: tpl_CleanPeppermintBlack_twoclick
d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
108.157.217.223200 OK 5.6 kB URL GET HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
IP 108.157.217.223:80
Requested by http://www.slapback.shop/
Hash 6f95d346f97b06c2d81a5cb147d35de0
c591eaa19ed0d227b4555f5e699b668b05aa40b0
35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6
GET /scripts/jsparkcaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 5638
Connection: keep-alive
Server: nginx
Date: Sun, 16 Apr 2023 00:52:41 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-1606"
X-Cache: Hit from cloudfront
Via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: d6Xj6sXQMaMhwP1fnMk2sl5bq9axHTGjE3SBv2iYU5GtmKlfizdkyQ==
Age: 48450
www.google.com/adsense/domains/caf.js?abp=1
142.250.74.164200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1
IP 142.250.74.164:80
Requested by http://www.slapback.shop/
File type ASCII text, with very long lines (2193)
Hash 75962b0ac1aa0dfafed58998e41425ad
da3ea081612734023bf99849df3cd741ad619945
24a2f491915f803079cadaadaffa3471913dc1c7f62d41ebd36fc701a1b2f87e
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sun, 16 Apr 2023 14:20:11 GMT
Expires: Sun, 16 Apr 2023 14:20:11 GMT
Cache-Control: private, max-age=3600
ETag: "1389358556727094508"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
js.parkingcrew.net/ls.php?t=643c041b&token=efcb3c5f4c566fe87b2a42243d05b4a506829554
185.53.178.30201 Created 16 B URL GET HTTP/1.1 js.parkingcrew.net/ls.php?t=643c041b&token=efcb3c5f4c566fe87b2a42243d05b4a506829554
IP 185.53.178.30:80
Requested by http://www.slapback.shop/
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=643c041b&token=efcb3c5f4c566fe87b2a42243d05b4a506829554 HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.slapback.shop
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Server: nginx
Date: Sun, 16 Apr 2023 14:20:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 643c041b8884ad0ca1704323
Charset: utf-8
Access-Control-Allow-Origin: http://www.slapback.shop
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_DURc/4h7xanP1sgBHjiDCOm9x7al4odGAVT3lugA4O3wfvMj8WzROuPbP8r58rdjN+K9IeZo1TFiLtJYoh1giw==
js.parkingcrew.net/track.php?domain=slapback.shop&toggle=browserjs&uid=MTY4MTY1NDgxMS43MDU2OmE0YzY5N2JmYjk0MjQ3MDRiNTgxYmVmZTVlYmQ0ZTExMzZmYjk1NTI2YzFiMzE2ZjA0NjkyYjg2NjM5MTAyOTk6NjQzYzA0MWJhYzQ0OA%3D%3D
185.53.178.30200 OK 20 B URL GET HTTP/1.1 js.parkingcrew.net/track.php?domain=slapback.shop&toggle=browserjs&uid=MTY4MTY1NDgxMS43MDU2OmE0YzY5N2JmYjk0MjQ3MDRiNTgxYmVmZTVlYmQ0ZTExMzZmYjk1NTI2YzFiMzE2ZjA0NjkyYjg2NjM5MTAyOTk6NjQzYzA0MWJhYzQ0OA%3D%3D
IP 185.53.178.30:80
Requested by http://www.slapback.shop/
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=slapback.shop&toggle=browserjs&uid=MTY4MTY1NDgxMS43MDU2OmE0YzY5N2JmYjk0MjQ3MDRiNTgxYmVmZTVlYmQ0ZTExMzZmYjk1NTI2YzFiMzE2ZjA0NjkyYjg2NjM5MTAyOTk6NjQzYzA0MWJhYzQ0OA%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.slapback.shop
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 14:20:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
js.parkingcrew.net/assets/scripts/registrar-caf/243142.js
185.53.178.30200 OK 3.0 kB URL GET HTTP/1.1 js.parkingcrew.net/assets/scripts/registrar-caf/243142.js
IP 185.53.178.30:80
Requested by http://www.slapback.shop/
Hash 23316d6bbbe4b9d7c85945ce4c9428e5
f7c03d2a03416a697d658cf799620684f958664b
119710c0d9e01024bc9d65493a77b661196c02706ce008f5152f78b3c224a981
GET /assets/scripts/registrar-caf/243142.js HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 14:20:12 GMT
Content-Type: application/javascript
Content-Length: 2994
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-bb2"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 52905a1bf014a46a9118ac25c4514ec6
616a0a5bc1ad7b9e44f6ec4bcc5e156fd1e1068f
26e98d436e8fd2a29b27417bfc6c06cd9504555b7b183e3dd3c1b20617503053
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 67b2eeec8e091e65f6b9615126a5fd1c
e99dc927f2920a7cfaef174945e11201386a6d55
b624d1378a345f25eab6c96afbb8b5164e9e8c99905eadc333df3163fc631e4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 67b2eeec8e091e65f6b9615126a5fd1c
e99dc927f2920a7cfaef174945e11201386a6d55
b624d1378a345f25eab6c96afbb8b5164e9e8c99905eadc333df3163fc631e4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.slapback.shop&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
216.58.207.226200 OK 244 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.slapback.shop&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:443
Requested by http://www.slapback.shop/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint4B:CB:DB:D2:14:E4:F5:46:FA:69:7D:5D:7F:77:3E:7B:A4:87:E2:E7
ValidityTue, 28 Mar 2023 16:51:59 GMT - Tue, 20 Jun 2023 16:51:58 GMT
File type ASCII text, with very long lines (366), with no line terminators
Hash 832ecdc3770abe2e070fc862cfb26738
8ec538718e5c5a8eed71c0df25e80c81d997050c
c215dd01dec77fb8f8a6d028ca20c417ac3914ce9ab5b789557b573793b2afa2
GET /gampad/cookie.js?domain=www.slapback.shop&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.slapback.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 16 Apr 2023 14:20:12 GMT
server: cafe
cache-control: private
content-length: 244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads/i/iframe.html
142.250.74.164200 OK 728 B URL GET HTTP/2 www.google.com/afs/ads/i/iframe.html
IP 142.250.74.164:443
Requested by http://www.slapback.shop/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Hash 692c7dfe26dc8855bc9cb6da3273a761
c4fa6ca3a1aff2b1be672eb96cceaf06cd4dd1b6
ff72a8d612d7d2cdb99f6c55f33704aba27e46ef6f186aec6acb86fa823ff1fe
GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.slapback.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-XtK6cfVrAMjhxxbgRIvvSA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 728
date: Sun, 16 Apr 2023 14:20:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.slapback.shop%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300965%2C17301099&format=r10%7Cs&nocache=2211681654910894&num=0&output=afd_ads&domain_name=www.slapback.shop&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681654910901&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.slapback.shop%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
142.250.74.164200 OK 3.0 kB URL GET HTTP/2 www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.slapback.shop%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300965%2C17301099&format=r10%7Cs&nocache=2211681654910894&num=0&output=afd_ads&domain_name=www.slapback.shop&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681654910901&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.slapback.shop%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
IP 142.250.74.164:443
Requested by http://www.slapback.shop/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7378)
Hash 3f3b8c6c2a4b5ccd8283ffba17628191
acf6b5c1f52995a3f8965e5be08d8c6431cf5b2b
da6d2284aed473db63700f546e7707fc93a3609fb0d76322dd9fd2bdfb1217ad
GET /afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.slapback.shop%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300965%2C17301099&format=r10%7Cs&nocache=2211681654910894&num=0&output=afd_ads&domain_name=www.slapback.shop&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681654910901&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.slapback.shop%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.slapback.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sun, 16 Apr 2023 14:20:12 GMT
expires: Sun, 16 Apr 2023 14:20:12 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-9EuhgSz8_-gbUxwlVutUYg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 3035
x-xss-protection: 0
set-cookie: NID=511=rr1jqPWm_IQ_HsawEQ9FgxzYVBNxzs5Yr2OQC6NfvtCilvccnCrORZygqDH5kP10wQ2YZmawCTNF8JF760PTdM0QYTODfIUI7Q1ZOI5qbOuwswmqDUH4WjYuQgQH6ToO90CdpOhaYh--ZS7ZtChxzUc7RtgTRfUzRZGen_9SBcg; expires=Mon, 16-Oct-2023 14:20:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+264; expires=Tue, 15-Apr-2025 14:20:12 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 52905a1bf014a46a9118ac25c4514ec6
616a0a5bc1ad7b9e44f6ec4bcc5e156fd1e1068f
26e98d436e8fd2a29b27417bfc6c06cd9504555b7b183e3dd3c1b20617503053
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 109c732502518f8438cbe0fcff7c01c5
368930947abba51bd3564e21f769bec890b3710e
662f09101b34ce9480e5bb0fd01a0e3eb9d6957c50c54e544a4480062d76f366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.parkingcrew.net/track.php?domain=slapback.shop&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTY1NDgxMS43MDU2OmE0YzY5N2JmYjk0MjQ3MDRiNTgxYmVmZTVlYmQ0ZTExMzZmYjk1NTI2YzFiMzE2ZjA0NjkyYjg2NjM5MTAyOTk6NjQzYzA0MWJhYzQ0OA%3D%3D
185.53.178.30200 OK 20 B URL GET HTTP/1.1 js.parkingcrew.net/track.php?domain=slapback.shop&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTY1NDgxMS43MDU2OmE0YzY5N2JmYjk0MjQ3MDRiNTgxYmVmZTVlYmQ0ZTExMzZmYjk1NTI2YzFiMzE2ZjA0NjkyYjg2NjM5MTAyOTk6NjQzYzA0MWJhYzQ0OA%3D%3D
IP 185.53.178.30:80
Requested by http://www.slapback.shop/
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=slapback.shop&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTY1NDgxMS43MDU2OmE0YzY5N2JmYjk0MjQ3MDRiNTgxYmVmZTVlYmQ0ZTExMzZmYjk1NTI2YzFiMzE2ZjA0NjkyYjg2NjM5MTAyOTk6NjQzYzA0MWJhYzQ0OA%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.slapback.shop
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Apr 2023 14:20:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 11d040dbaa34b7e5276037106a6680d9
60d9bc2a2a549d44d8b9df2bd5228d971e0be83a
edb63e46459061eed3051767a24ed844e82cb5603d534006dcba92d143ed7e7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 11d040dbaa34b7e5276037106a6680d9
60d9bc2a2a549d44d8b9df2bd5228d971e0be83a
edb63e46459061eed3051767a24ed844e82cb5603d534006dcba92d143ed7e7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
142.250.74.97200 OK 174 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.slapback.shop%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300965%2C17301099&format=r10%7Cs&nocache=2211681654910894&num=0&output=afd_ads&domain_name=www.slapback.shop&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681654910901&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.slapback.shop%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash aa3a2f86d22121bff6d29639ccf1a157
bb7bbcdc7c5391dd50b78233fefd3216df8b452e
867d889f103b1a4ce8d5d9dc67d027656ecb34002ca254a290e8ff7d64c8ee6d
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 18:07:02 GMT
expires: Sun, 16 Apr 2023 17:07:02 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 72791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
142.250.74.97200 OK 273 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.slapback.shop%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300965%2C17301099&format=r10%7Cs&nocache=2211681654910894&num=0&output=afd_ads&domain_name=www.slapback.shop&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681654910901&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.slapback.shop%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 4879b4bfc581cab5b5c803866211a36e
e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a
6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 14:20:13 GMT
expires: Mon, 17 Apr 2023 13:20:13 GMT
cache-control: public, max-age=82800
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 11d040dbaa34b7e5276037106a6680d9
60d9bc2a2a549d44d8b9df2bd5228d971e0be83a
edb63e46459061eed3051767a24ed844e82cb5603d534006dcba92d143ed7e7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Apr 2023 14:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=zdz28ue3rvly&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C366%7C133%7C288&lle=0&ifv=1&usr=1
142.250.74.164204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=zdz28ue3rvly&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C366%7C133%7C288&lle=0&ifv=1&usr=1
IP 142.250.74.164:443
Requested by http://www.slapback.shop/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=zdz28ue3rvly&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C366%7C133%7C288&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.slapback.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-dyIDZ1tIursla_t6Nnv8JA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 16 Apr 2023 14:20:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=OFMVlI2SsCowY1br_uC3WLu0TwVBeXycIHmAJBNHFewqXjyO4G1xyKHgB_bYvVm9E42-WKBNEN2Qojbctmn1p1yFc54W40bdHT8HOtsdz7338y6wyVk8lkS5uPvLuqAanDGaCn49pmHBMJEJMImsqkBAX5YpmKMsh-BAdkOcg8Y; expires=Mon, 16-Oct-2023 14:20:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+356; expires=Tue, 15-Apr-2025 14:20:14 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 54 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:443
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.slapback.shop%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300965%2C17301099&format=r10%7Cs&nocache=2211681654910894&num=0&output=afd_ads&domain_name=www.slapback.shop&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681654910901&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.slapback.shop%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with very long lines (2193)
Hash eccafb7faa6122047dfd6370c9a0176e
ed67620322ddc228decde86ec0ce6af671ed574b
4ac2ff1b93d2d855f5814ea456d45d4b6009ebb6bb425944151656ff7649d744
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sun, 16 Apr 2023 14:20:13 GMT
expires: Sun, 16 Apr 2023 14:20:13 GMT
cache-control: private, max-age=3600
etag: "10270508410860583183"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=17jnc34daerr&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C366%7C133%7C288&lle=0&ifv=1&usr=1
142.250.74.164204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=17jnc34daerr&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C366%7C133%7C288&lle=0&ifv=1&usr=1
IP 142.250.74.164:443
Requested by http://www.slapback.shop/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=17jnc34daerr&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C366%7C133%7C288&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.slapback.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zG2Y6a6jePOxhyrTRQDQdg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 16 Apr 2023 14:20:15 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=WV27MryN4ix-XBIq0zZTUvkjt5-L1XMZdecpeLdR0hGVGOnk9jeOUjd_MwfMPIfZJPfr4Zmg-nh00mtLIxzPFYWQoumS6jWLHtsB6Szn_JxKXU40hDFI1V-HboqHGIZnI1pSgGxxgFZbkYRXxYhULCaz8cFRh2h25SKWbUF8yqM; expires=Mon, 16-Oct-2023 14:20:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+878; expires=Tue, 15-Apr-2025 14:20:15 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=v75rlevq4jb2&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C378%7C133%7C288&lle=0&ifv=1&usr=1
142.250.74.164204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=v75rlevq4jb2&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C378%7C133%7C288&lle=0&ifv=1&usr=1
IP 142.250.74.164:443
Requested by http://www.slapback.shop/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=v75rlevq4jb2&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C378%7C133%7C288&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.slapback.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-DS_QWCCPCSspKVt4KWBzaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 16 Apr 2023 14:20:15 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=KmRaJEndoc0v68ag-DfOgm_ZY20dCQ0dlE-cKcE-IhteckKrmhS_Q3x2RZ2NhK_BsXSMUkp7XTveq3-Ihl7EcO7WF4wIwifyig5KNg9buaw3NbFhpmExdtwrS5m_48SJXkgybDD8wwijKEWS4JITYEesPzffKh1eRYjoYs6rFD4; expires=Mon, 16-Oct-2023 14:20:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+471; expires=Tue, 15-Apr-2025 14:20:15 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.slapback.shop/favicon.ico
0.0.0.0 0 B URL GET www.slapback.shop/favicon.ico
IP 0.0.0.0:0
Requested by http://www.slapback.shop/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.slapback.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.slapback.shop/
Pragma: no-cache
Cache-Control: no-cache
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=g6zsazdusx5m&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C378%7C133%7C288&lle=0&ifv=1&usr=1
142.250.74.164204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=g6zsazdusx5m&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C378%7C133%7C288&lle=0&ifv=1&usr=1
IP 142.250.74.164:443
Requested by http://www.slapback.shop/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=g6zsazdusx5m&aqid=HAQ8ZNi1MMPuYIXovbAF&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C378%7C133%7C288&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.slapback.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ENHD--R0jrBR3KeWeKId1Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 16 Apr 2023 14:20:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=sGM6FutlDhGXd6iecrxKKlVy6DHgjA1RX4hFkr92FN_1BUBplASUBGc3WcGL2Z9EstFoWyYMMHxrEaX8Q-dWRUGDuNM9IQEwJFCRZwQuy-bcwO3W6I8HWp-G0aEkO4ezaYiLm0EQ1WoppRqxdnKZ4JM9WttUjJ1SOiuHb1UNo40; expires=Mon, 16-Oct-2023 14:20:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+339; expires=Tue, 15-Apr-2025 14:20:14 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000