302 Found 47 B URL User Request GET HTTP/1.1 IP
File type HTML document, ASCII text
Hash 659e689a34454e14eac49c1daab96d96
78e90225d4c11925fcb3c2d80025815ed0f52b89
ddcb5a7fc956427ebe1ab5a8a1f08de293db65cb67b5708118608eaac40947b8
NIDS Severity Alert suricata low ET INFO Namecheap URL Forward
GET / HTTP/1.1
Host: sophsoph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 18 Apr 2023 09:20:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 47
Connection: keep-alive
Location: http://www.sophsoph.com/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
i.cdnpark.com/themes/registrar/style_namecheap.css
200 OK 1.8 kB URL GET HTTP/1.1 i.cdnpark.com/themes/registrar/style_namecheap.css
IP
File type ASCII text, with very long lines (1313)
Hash 32662929dadf9b5a995b6a0b8106eeeb
1d8b6574edf5e05a28e5c74a6bd7359da35347a9
41a5e25c7119b26620ac929ad752b94086f5ca9fbbbf26e35af807eb4bfe2941
GET /themes/registrar/style_namecheap.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
Date: Tue, 18 Apr 2023 02:14:41 GMT
ETag: W/"5ebab1f0-fa0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2QIapFjk6Z73c8ieNOXDBQXKoxXwzjQTAnYbCYGgRMNgymc0UCjOiw==
Age: 25662
i.cdnpark.com/themes/assets/style.css
200 OK 359 B URL GET HTTP/1.1 i.cdnpark.com/themes/assets/style.css
IP
Hash 032ec25397c92f462776dcb9e6267c69
8920951fd2a5222d0776954873d3e94f2a910954
169fcc59cf94c77a091e2c55daef50b28332bf78508bf8555bb93a1e7342479f
GET /themes/assets/style.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Tue, 18 Apr 2023 06:17:55 GMT
Last-Modified: Mon, 28 Nov 2022 10:41:35 GMT
ETag: W/"6384905f-37c"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yzps6S84CodfJbIh9n27_lwk8CWwEb8FozeO4eFXqsTPuMNmuXj5KA==
Age: 10933
i.cdnpark.com/themes/registrar/images/logo_namecheap.png
200 OK 4.9 kB URL GET HTTP/1.1 i.cdnpark.com/themes/registrar/images/logo_namecheap.png
IP
File type PNG image data, 260 x 60, 8-bit colormap, non-interlaced\012- data
Hash 24cfc82dfacb3ecc2e1ba6600391576d
49eaca85596996a749c9d7407189fdb86845667e
903046ac1355826e49c089ca2dd88c720bff908adb1760ee6e1884755b6041f1
GET /themes/registrar/images/logo_namecheap.png HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4917
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
Date: Mon, 17 Apr 2023 21:09:37 GMT
ETag: "5ebab1f0-1335"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RzS5672FqwF16JJQZArm9wAvoFAeUHRjSxKXwebpxOoQiiHQVTOZmw==
Age: 44141
parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.sophsoph.com&_t=1681809735049
200 OK 3.6 kB URL GET HTTP/1.1 parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.sophsoph.com&_t=1681809735049
IP
ASN #61969 Team Internet AG
File type HTML document, ASCII text, with very long lines (2978)
Hash 418dbaea8c69b6e33a70559e2d2c1a8e
1602faa15d647d0dce5e56b500a652a568e05c04
713cbb7441d4d8a83317ae81d386711e6a762ac4916b2be6950bd81e94e64d44
GET /jsparkcaf.php?regcn=243142&_v=2&_h=www.sophsoph.com&_t=1681809735049 HTTP/1.1
Host: parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Apr 2023 09:20:08 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Language: norwegian
X-Domain: sophsoph.com
X-Subdomain: www
X-Template: tpl_CleanPeppermintBlack_twoclick
d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
200 OK 5.6 kB URL GET HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
IP
Hash 6f95d346f97b06c2d81a5cb147d35de0
c591eaa19ed0d227b4555f5e699b668b05aa40b0
35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6
GET /scripts/jsparkcaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 5638
Connection: keep-alive
Server: nginx
Date: Tue, 18 Apr 2023 00:52:42 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-1606"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h1RbyfoEiL4f1ZzxHIGBoQixbDfykGY5p2x4K3ym-g1WcOfdNR026g==
Age: 30446
www.google.com/adsense/domains/caf.js?abp=1
200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1
IP
File type ASCII text, with very long lines (2193)
Hash 2482f485a9a0b28fb8e285bea2a5403c
ee251f2161b6a7b2b6941262e285673954b3df00
dc0143410470d8be1e03353635f2b1a4ee96c5a0d14027015af53e2f9772eaa9
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Tue, 18 Apr 2023 09:20:08 GMT
Expires: Tue, 18 Apr 2023 09:20:08 GMT
Cache-Control: private, max-age=3600
ETag: "17700383185653091626"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
js.parkingcrew.net/ls.php?t=643e60c8&token=b4de2fe13a4aa12c0f621bdbc85076a807ab6848
201 Created 16 B URL GET HTTP/1.1 js.parkingcrew.net/ls.php?t=643e60c8&token=b4de2fe13a4aa12c0f621bdbc85076a807ab6848
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=643e60c8&token=b4de2fe13a4aa12c0f621bdbc85076a807ab6848 HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.sophsoph.com
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Server: nginx
Date: Tue, 18 Apr 2023 09:20:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 643e60c81f2c7f1d2d4f5ef5
Charset: utf-8
Access-Control-Allow-Origin: http://www.sophsoph.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_AeA81RB/acRmGIHPaTCyl+MEA/a+uyKoSW7VxWRE5TODo3RgJbhKL9FDIItBr+NvWdFICuunX+Ze4pgo8SwcuA==
200 OK 1.9 kB URL User Request GET HTTP/1.1 IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (319), with CRLF line terminators
Hash 8e54e77fba019cf104646eb7f63fac1c
bc880d1639b3139710d1432dd8518e39af12cbb6
f5de52d2d628466cc60ec05fa832a1b8ce7c8e83e8a04803b0070da1f66311e4
GET / HTTP/1.1
Host: www.sophsoph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Apr 2023 09:20:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: namecheap-nginx
X-CST: MISS, MISS
Allow: GET, HEAD
Content-Encoding: gzip
js.parkingcrew.net/track.php?domain=sophsoph.com&toggle=browserjs&uid=MTY4MTgwOTYwOC4xMjg0OjBlMjcyNGI3ZWIzOTUwNjFkMzgyZDNmNTAyZGQ1ZDJlMzJlOTliOWJlZDg1MDFiYWE5NjU2OGExMjU4NjFlZjU6NjQzZTYwYzgxZjU2Ng%3D%3D
200 OK 20 B URL GET HTTP/1.1 js.parkingcrew.net/track.php?domain=sophsoph.com&toggle=browserjs&uid=MTY4MTgwOTYwOC4xMjg0OjBlMjcyNGI3ZWIzOTUwNjFkMzgyZDNmNTAyZGQ1ZDJlMzJlOTliOWJlZDg1MDFiYWE5NjU2OGExMjU4NjFlZjU6NjQzZTYwYzgxZjU2Ng%3D%3D
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=sophsoph.com&toggle=browserjs&uid=MTY4MTgwOTYwOC4xMjg0OjBlMjcyNGI3ZWIzOTUwNjFkMzgyZDNmNTAyZGQ1ZDJlMzJlOTliOWJlZDg1MDFiYWE5NjU2OGExMjU4NjFlZjU6NjQzZTYwYzgxZjU2Ng%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.sophsoph.com
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Apr 2023 09:20:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
js.parkingcrew.net/assets/scripts/registrar-caf/243142.js
200 OK 3.0 kB URL GET HTTP/1.1 js.parkingcrew.net/assets/scripts/registrar-caf/243142.js
IP
Hash 23316d6bbbe4b9d7c85945ce4c9428e5
f7c03d2a03416a697d658cf799620684f958664b
119710c0d9e01024bc9d65493a77b661196c02706ce008f5152f78b3c224a981
GET /assets/scripts/registrar-caf/243142.js HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Apr 2023 09:20:09 GMT
Content-Type: application/javascript
Content-Length: 2994
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-bb2"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
471 B IP
Hash 612a4035440aad44cff3ef492cfe67af
6b6a546e1f866b7ebe8ae64ebfb36b7c2f9b48f4
0d20ba7383f08606086b604f36457448a7530e4587a30a0a2f143ab92883a75f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 85452eab1011b8c45a2349f68a2a4a26
9cf24b7995f796fc23c7b7f82cc9e42f9e3e05ff
64bed84c5b60234572ca1a0d281c494c0ebbec7084ad5006c3e4b569c3805a00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 85452eab1011b8c45a2349f68a2a4a26
9cf24b7995f796fc23c7b7f82cc9e42f9e3e05ff
64bed84c5b60234572ca1a0d281c494c0ebbec7084ad5006c3e4b569c3805a00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.sophsoph.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
200 OK 242 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.sophsoph.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint4B:CB:DB:D2:14:E4:F5:46:FA:69:7D:5D:7F:77:3E:7B:A4:87:E2:E7
ValidityTue, 28 Mar 2023 16:51:59 GMT - Tue, 20 Jun 2023 16:51:58 GMT
File type ASCII text, with very long lines (364), with no line terminators
Hash 6bcbfee01a38f8a3a4ea24b1feb20a42
a14aa7eb23c81fc35d05a9cdc7820fc662f95798
dc9c587a6afe60f657135b9a2858d2cc70b237d73e9351dd249b38991e94e029
GET /gampad/cookie.js?domain=www.sophsoph.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sophsoph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 18 Apr 2023 09:20:09 GMT
server: cafe
cache-control: private
content-length: 242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads/i/iframe.html
200 OK 728 B URL GET HTTP/2 www.google.com/afs/ads/i/iframe.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Hash 92bc19b77aba8788cf481c4d86631b40
252c17fa82820223ff600312b3789fa3044bdccc
1d5138eed599417b857eab7a2379a92c9c28c4f76250e17ee15e9a99b1b51604
GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sophsoph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-Cr703ugjv3l9FlsJ5N2Bvw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 728
date: Tue, 18 Apr 2023 09:20:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.sophsoph.com%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r10%7Cs&nocache=1261681809736457&num=0&output=afd_ads&domain_name=www.sophsoph.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681809736463&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.sophsoph.com%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
200 OK 3.1 kB URL GET HTTP/2 www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.sophsoph.com%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r10%7Cs&nocache=1261681809736457&num=0&output=afd_ads&domain_name=www.sophsoph.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681809736463&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.sophsoph.com%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7482)
Hash 872c3fb9f68bc693d9dd08fad714b12c
2c04090a3d66a0673bf8fa3a4d8c9a93bef3fd73
90b0ab8f1a3faf32c373d8e904106becc8cc1a02b643d9c7909d0d713d5ee7ef
GET /afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.sophsoph.com%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r10%7Cs&nocache=1261681809736457&num=0&output=afd_ads&domain_name=www.sophsoph.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681809736463&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.sophsoph.com%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sophsoph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Tue, 18 Apr 2023 09:20:09 GMT
expires: Tue, 18 Apr 2023 09:20:09 GMT
cache-control: private, max-age=3600
x-content-security-policy-report-only: default-src https: data:; options eval-script inline-script; report-uri /csp_report; referrer origin
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-17zfQGlk-U2ZbxkI1z5SeA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 3126
x-xss-protection: 0
set-cookie: NID=511=jOajy59svZ9YpH_fEwZ_fbcF01ltjGSuHiXJ9aUFXsI1ONK9sUSxT2Drk2b4H3dBOC7BQs_741GcnCPk3404aYCvaF6TyGaFV9WPb4s2YPKfRD4vJtKGEZz8iyxh06sVlCaV8f5g0Eq7_-zfLCCHpN1VQNOT24YdE1wNZK5EvOU; expires=Wed, 18-Oct-2023 09:20:09 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+208; expires=Thu, 17-Apr-2025 09:20:09 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 612a4035440aad44cff3ef492cfe67af
6b6a546e1f866b7ebe8ae64ebfb36b7c2f9b48f4
0d20ba7383f08606086b604f36457448a7530e4587a30a0a2f143ab92883a75f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 2bb32eb287a980b1e3d6225302f2a399
2c5bfdfe6c3b0be4d73096793bdc6167ef920e4d
9fd58d9d6500c88f270ed41816a2d87472ce1fd1332e7a934e37cd499e39104a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.parkingcrew.net/track.php?domain=sophsoph.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTgwOTYwOC4xMjg0OjBlMjcyNGI3ZWIzOTUwNjFkMzgyZDNmNTAyZGQ1ZDJlMzJlOTliOWJlZDg1MDFiYWE5NjU2OGExMjU4NjFlZjU6NjQzZTYwYzgxZjU2Ng%3D%3D
200 OK 20 B URL GET HTTP/1.1 js.parkingcrew.net/track.php?domain=sophsoph.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTgwOTYwOC4xMjg0OjBlMjcyNGI3ZWIzOTUwNjFkMzgyZDNmNTAyZGQ1ZDJlMzJlOTliOWJlZDg1MDFiYWE5NjU2OGExMjU4NjFlZjU6NjQzZTYwYzgxZjU2Ng%3D%3D
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=sophsoph.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTgwOTYwOC4xMjg0OjBlMjcyNGI3ZWIzOTUwNjFkMzgyZDNmNTAyZGQ1ZDJlMzJlOTliOWJlZDg1MDFiYWE5NjU2OGExMjU4NjFlZjU6NjQzZTYwYzgxZjU2Ng%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.sophsoph.com
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Apr 2023 09:20:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
471 B IP
Hash de13eb66d448cbaec89de874dd4e2e34
d749cadf1f018be76a6533b28e5f30501bcb9d6a
85e3dd55e2d283817cd9c477ababb09f7baf1a0113c115101bd1971afdd24742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash de13eb66d448cbaec89de874dd4e2e34
d749cadf1f018be76a6533b28e5f30501bcb9d6a
85e3dd55e2d283817cd9c477ababb09f7baf1a0113c115101bd1971afdd24742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.sophsoph.com%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r10%7Cs&nocache=1261681809736457&num=0&output=afd_ads&domain_name=www.sophsoph.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681809736463&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.sophsoph.com%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with very long lines (2193)
Hash f324b679546c2484c899dad0b5c16d13
f4d8a9e2eaa3215c7b4fd25269c79d5440b5152e
b77c3a0d645a899e468e4fcbfdeec451e3dcbd3b87bdd13a135d37b4e0990f69
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 18 Apr 2023 09:20:09 GMT
expires: Tue, 18 Apr 2023 09:20:09 GMT
cache-control: private, max-age=3600
etag: "3078882827275884539"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
200 OK 273 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.sophsoph.com%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r10%7Cs&nocache=1261681809736457&num=0&output=afd_ads&domain_name=www.sophsoph.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681809736463&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.sophsoph.com%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 4879b4bfc581cab5b5c803866211a36e
e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a
6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 18 Apr 2023 09:20:10 GMT
expires: Wed, 19 Apr 2023 08:20:10 GMT
cache-control: public, max-age=82800
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash de13eb66d448cbaec89de874dd4e2e34
d749cadf1f018be76a6533b28e5f30501bcb9d6a
85e3dd55e2d283817cd9c477ababb09f7baf1a0113c115101bd1971afdd24742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 09:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=oabkk6mb373c&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C321%7C127%7C289&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=oabkk6mb373c&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C321%7C127%7C289&lle=0&ifv=1&usr=1
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=oabkk6mb373c&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C321%7C127%7C289&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.sophsoph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-X4heXSzOp7hwHddS9wUNgw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 18 Apr 2023 09:20:11 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=M169ecseTrFUn_tHmgffHfoUkSlXqoB5LTwdv0bPtdfZX3XFJEI0VXv-3j6fdWM39TYjqYfipHUFwD96UZUkL4UKv5QKOhf03l4HCtsV1i0czJYI9WxLj6gY99rQX5HrV9tptdmP1-uDLExuE9sIAg23fFlmBO00xDdK4qA489g; expires=Wed, 18-Oct-2023 09:20:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+562; expires=Thu, 17-Apr-2025 09:20:11 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=f15c84lrlx9&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=4%7C0%7C335%7C127%7C289&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=f15c84lrlx9&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=4%7C0%7C335%7C127%7C289&lle=0&ifv=1&usr=1
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=f15c84lrlx9&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=4%7C0%7C335%7C127%7C289&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.sophsoph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ExkBBkSCeGs1lt5W2gwP7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 18 Apr 2023 09:20:11 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=ICupx_UgjnvIjVhXk7lU3jsaoNpnWySkTcamVQMPePV3XgKlScDTsmQyv3fphHZY1iMEOsExuf7hNire6iyPol1GTyjZd_EYljy5hELZZ0AR6Inb70Ym7EzcSE07OlatJn9hc0BhGeTPQxqgLBxg36nA199KK_aOWD9lOBMpq38; expires=Wed, 18-Oct-2023 09:20:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+937; expires=Thu, 17-Apr-2025 09:20:11 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=8h5k3fx1zmg1&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C321%7C127%7C289&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=8h5k3fx1zmg1&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C321%7C127%7C289&lle=0&ifv=1&usr=1
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=8h5k3fx1zmg1&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=18%7C0%7C321%7C127%7C289&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.sophsoph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-WOKT7VKv9ExY38atJ99Y1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 18 Apr 2023 09:20:12 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=SzYY7qJiTUYnFtUvIsszveTY9C7xgdtQLHXH-PKDT06Jtc6sjGrF3dXtCIbURrp3CRL-oWWPYXoilSZsJ35qEDJeM6_nzFmyzM2EhA2iX_lBDqDEtO1QYaGJsOyz04z5r-vK3d40T7YcI2H53ge6D0JRiB-INQ3YZuIaNvF5Sqw; expires=Wed, 18-Oct-2023 09:20:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+869; expires=Thu, 17-Apr-2025 09:20:12 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=1zscqmq2109b&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=4%7C0%7C335%7C127%7C289&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=1zscqmq2109b&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=4%7C0%7C335%7C127%7C289&lle=0&ifv=1&usr=1
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=1zscqmq2109b&aqid=yWA-ZLbDIaWOxdwPjcOb6Ac&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=4%7C0%7C335%7C127%7C289&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.sophsoph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-459MCeDnDDfu_ByKTdLWzg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 18 Apr 2023 09:20:12 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=rTDDsFohivZLhK17WnV1hnBHDhJDEoyCNhvRrsa715-z8CfoO-z0R4CiSCkhWYzvTtuv53xqYf3HWevQAvp9p_im6sV3vzFtgUB3KBvjKGjrcBOj5pP9SXC_EQ3rfH67dcT-wtTA2apBzLaV915Z09uhRbtuOVrc1KTkmh6a0OE; expires=Wed, 18-Oct-2023 09:20:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+423; expires=Thu, 17-Apr-2025 09:20:12 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.sophsoph.com/favicon.ico
0 B URL GET www.sophsoph.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.sophsoph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sophsoph.com/
Pragma: no-cache
Cache-Control: no-cache
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
200 OK 200 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.sophsoph.com%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r10%7Cs&nocache=1261681809736457&num=0&output=afd_ads&domain_name=www.sophsoph.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681809736463&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.sophsoph.com%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash c2f9f9b2de7be29dbdd2a707760bd8d7
3c1ca2c1f77ab056138e753c2633d807036b601b
9425ae6c4f167f3464382a52467482368a5fa21c246a0deffa13f3293db7ec80
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 17 Apr 2023 16:07:54 GMT
expires: Tue, 18 Apr 2023 15:07:54 GMT
cache-control: public, max-age=82800
age: 61936
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
192.64.119.40
185.53.179.29
0.0.0.0