103.224.212.250 302 Found 0 B URL User Request GET HTTP/1.1
IP 103.224.212.250:80
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: meneike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Fri, 07 Apr 2023 01:35:07 GMT
server: Apache
set-cookie: __tad=1680831307.1150005; expires=Mon, 04-Apr-2033 01:35:07 GMT; Max-Age=315360000
location: http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
91.195.240.106 200 OK 7.2 kB URL User Request GET HTTP/1.1 ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
IP 91.195.240.106:80
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (10263)
Hash 36c8052de9d0704dda46e7fabbeef7c5
b5833bd3ad2dd13455c868eb9d50abb99c6e06b0
1347f1f70e3674275a05eb3e84ada92649b4f3e0bfeb8a79722055f1c9cd8748
GET /?sub1=20230407-1135-075f-bdaa-9fe639d6293b HTTP/1.1
Host: ww16.meneike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 07 Apr 2023 01:35:07 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_ryfR1DPeu15PC9V7DQCdpbUpsqomJq3/Gair0N1s6oPwxnnAzCJxTdIapb29CGNCFyKJg3WIBsxRLUqe4/PyxQ==
last-modified: Fri, 07 Apr 2023 01:35:07 GMT
x-cache-miss-from: parking-7486c947f4-5vgs7
server: NginX
content-encoding: gzip
img.sedoparking.com/templates/bg/arrows.png
205.234.175.175 200 OK 13 kB URL GET HTTP/1.1 img.sedoparking.com/templates/bg/arrows.png
IP 205.234.175.175:80
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
File type PNG image data, 426 x 475, 8-bit/color RGBA, non-interlaced; data
Hash 6dc0bad9aa452ff871b282dabd47131e
01411e6726e033240caa3926141a6adbc18a2d73
3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b
GET /templates/bg/arrows.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.meneike.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Apr 2023 01:35:08 GMT
Content-Type: image/png
Content-Length: 12642
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Fri, 14 Apr 2023 01:35:08 GMT
X-CFHash: "6dc0bad9aa452ff871b282dabd47131e"
X-CFF: B
Last-Modified: Mon, 11 Oct 2021 05:39:44 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1674017007
CF4ttl: 31536000.000
X-CF2: M
Server: CFS 0215
X-CF-ReqID: 14b9dcc9555f615ff1ac86047215dc87
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
www.google.com/adsense/domains/caf.js
142.250.74.132 200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:80
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
File type ASCII text, with very long lines (2193)
Hash db98097aee7092e0024a4afaf122fb78
dd7d4eed8831ae5bf0a0ff07126cf14bb78191e7
d5b015107bfc2e643dd974cd42ec02171445249ab9120ec2f02d61971102fe04
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.meneike.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Fri, 07 Apr 2023 01:35:08 GMT
Expires: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: private, max-age=3600
ETag: "10266774381748133277"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
ww16.meneike.com/search/tsc.php?200=MTMxMTkyNzI1&21=OTEuOTAuNDIuMTU0&681=MTY4MDgzMTMwN2NiYWYyNmFlOWE1MzkyY2E1Yjc5NmU3MjYzMTY1ZTAz&crc=12be6ab5a755f4fe22d2af0535fa5676eda3d91f&cv=1
91.195.240.106 200 OK 0 B URL GET HTTP/1.1 ww16.meneike.com/search/tsc.php?200=MTMxMTkyNzI1&21=OTEuOTAuNDIuMTU0&681=MTY4MDgzMTMwN2NiYWYyNmFlOWE1MzkyY2E1Yjc5NmU3MjYzMTY1ZTAz&crc=12be6ab5a755f4fe22d2af0535fa5676eda3d91f&cv=1
IP 91.195.240.106:80
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=MTMxMTkyNzI1&21=OTEuOTAuNDIuMTU0&681=MTY4MDgzMTMwN2NiYWYyNmFlOWE1MzkyY2E1Yjc5NmU3MjYzMTY1ZTAz&crc=12be6ab5a755f4fe22d2af0535fa5676eda3d91f&cv=1 HTTP/1.1
Host: ww16.meneike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Fri, 07 Apr 2023 01:35:08 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.17
x-cache-miss-from: parking-7486c947f4-lzqsc
server: NginX
img.sedoparking.com/templates/logos/sedo_logo.png
205.234.175.175 200 OK 15 kB URL GET HTTP/1.1 img.sedoparking.com/templates/logos/sedo_logo.png
IP 205.234.175.175:80
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel; data
Hash def00c11b1596db4efee6a9fbe64fc27
bd298981e6d8d7e4ffa18abcf687041f4246672d
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
GET /templates/logos/sedo_logo.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.meneike.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Apr 2023 01:35:08 GMT
Content-Type: image/png
Content-Length: 15086
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Fri, 14 Apr 2023 01:35:08 GMT
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
X-CFF: B
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
X-CF3: H
CF4Age: 10
x-cf-tsc: 1665141939
CF4ttl: 31536000.000
X-CF2: M
Server: CFS 0215
X-CF-ReqID: 79354d4ddb23a9616b2b5d2bb029e550
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 70b3f45617f3d14bbb85987c85110198
06f3713541a4fff35e197a5203a8ba4ed77dc753
b616ca4c950f70dbdf7a19d1feacd5909dd461666954bba33f056dc0a4a73467
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 70b3f45617f3d14bbb85987c85110198
06f3713541a4fff35e197a5203a8ba4ed77dc753
b616ca4c950f70dbdf7a19d1feacd5909dd461666954bba33f056dc0a4a73467
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/ads/i/iframe.html
142.250.74.132 200 OK 729 B URL GET HTTP/2 www.google.com/afs/ads/i/iframe.html
IP 142.250.74.132:443
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint D3:51:DF:2C:C5:59:90:61:21:B2:F2:A0:D7:43:4E:06:00:25:AF:C9
Validity Mon, 13 Mar 2023 08:25:43 GMT - Mon, 05 Jun 2023 08:25:42 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (1559)
Hash c6f822ffb59a9259c0723551167c5254
96a4044d1bde254d9241a0949112f80b2acf075c
a2e96925e0e0dd658b32d613babb20e3755d3157b9eee4fde4fc4f023b2ac9fc
GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww16.meneike.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-Fr08x4k7qjKbXLoyOcEsvw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 729
date: Fri, 07 Apr 2023 01:35:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8e5fb5bdf5f374d27c6692d52352942b
e04770a6afe3ff794e665c712242f314bdc2c7cf
cd995753a8678e5e49a78a076f512cc4fa40c4ecadcfbe8feaf5f8acba2e939a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-003%2Cexp-0051%2Cauxa-control-1%2C317556&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.meneike.com%2Fcaf%2F%3Fses%3DY3JlPTE2ODA4MzEzMDcmdGNpZD13dzE2Lm1lbmVpa2UuY29tNjQyZjczNGJkNzBmMzQuOTMwOTM2NTEmdGFzaz1zZWFyY2gmZG9tYWluPW1lbmVpa2UuY29tJmFfaWQ9MyZzZXNzaW9uPVlqUml5b3FiUjZieldPb0ZWTm9s&type=3&uiopt=false&swp=as-drid-2605568720519176&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=7541680831308115&num=0&output=afd_ads&domain_name=ww16.meneike.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1680831308126&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=999&frm=0&cl=521491932&uio=--&cont=rb-default&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Fww16.meneike.com%2F%3Fsub1%3D20230407-1135-075f-bdaa-9fe639d6293b&adbw=slave-1-1%3A300%2Cmaster-1%3A467
142.250.74.132 200 OK 2.5 kB URL GET HTTP/2 www.google.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-003%2Cexp-0051%2Cauxa-control-1%2C317556&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.meneike.com%2Fcaf%2F%3Fses%3DY3JlPTE2ODA4MzEzMDcmdGNpZD13dzE2Lm1lbmVpa2UuY29tNjQyZjczNGJkNzBmMzQuOTMwOTM2NTEmdGFzaz1zZWFyY2gmZG9tYWluPW1lbmVpa2UuY29tJmFfaWQ9MyZzZXNzaW9uPVlqUml5b3FiUjZieldPb0ZWTm9s&type=3&uiopt=false&swp=as-drid-2605568720519176&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=7541680831308115&num=0&output=afd_ads&domain_name=ww16.meneike.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1680831308126&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=999&frm=0&cl=521491932&uio=--&cont=rb-default&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Fww16.meneike.com%2F%3Fsub1%3D20230407-1135-075f-bdaa-9fe639d6293b&adbw=slave-1-1%3A300%2Cmaster-1%3A467
IP 142.250.74.132:443
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint D3:51:DF:2C:C5:59:90:61:21:B2:F2:A0:D7:43:4E:06:00:25:AF:C9
Validity Mon, 13 Mar 2023 08:25:43 GMT - Mon, 05 Jun 2023 08:25:42 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (5941)
Hash ccddb19775c54fa70f02269965e01fa5
0d22150fece648fb9540a70076dd0d33a852912a
a324ae38dd76b36bcaa2ca0acb5b5b82f0ce3a6684d7a9ecee96aacec947edc0
GET /afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-003%2Cexp-0051%2Cauxa-control-1%2C317556&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.meneike.com%2Fcaf%2F%3Fses%3DY3JlPTE2ODA4MzEzMDcmdGNpZD13dzE2Lm1lbmVpa2UuY29tNjQyZjczNGJkNzBmMzQuOTMwOTM2NTEmdGFzaz1zZWFyY2gmZG9tYWluPW1lbmVpa2UuY29tJmFfaWQ9MyZzZXNzaW9uPVlqUml5b3FiUjZieldPb0ZWTm9s&type=3&uiopt=false&swp=as-drid-2605568720519176&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=7541680831308115&num=0&output=afd_ads&domain_name=ww16.meneike.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1680831308126&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=999&frm=0&cl=521491932&uio=--&cont=rb-default&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Fww16.meneike.com%2F%3Fsub1%3D20230407-1135-075f-bdaa-9fe639d6293b&adbw=slave-1-1%3A300%2Cmaster-1%3A467 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww16.meneike.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Fri, 07 Apr 2023 01:35:08 GMT
expires: Fri, 07 Apr 2023 01:35:08 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_QtS5U-RaqeBIr-GjpPssg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2455
x-xss-protection: 0
set-cookie: CONSENT=PENDING+275; expires=Sun, 06-Apr-2025 01:35:08 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=ww16.meneike.com&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie
216.58.207.226 200 OK 241 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww16.meneike.com&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:443
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Certificate Issuer Google Trust Services LLC
Subject *.googleadservices.com
Fingerprint B9:8F:00:60:7A:65:2F:CC:DA:39:C3:91:DE:88:F9:E5:98:34:03:28
Validity Mon, 13 Mar 2023 08:23:28 GMT - Mon, 05 Jun 2023 08:23:27 GMT
File type ASCII text, with very long lines (362), with no line terminators
Hash 7002b8968b9e81ec2b35796289f46d78
35e8d05d65b048086e8261b13efeacf0ee66d079
ae36393f06e70c1881086be72973429d027c2a61668bbf3835735d58406ae167
GET /gampad/cookie.js?domain=ww16.meneike.com&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww16.meneike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 07 Apr 2023 01:35:08 GMT
server: cafe
cache-control: private
content-length: 241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 9fb9e25865d789a04e00d4dcaaeb1227
db4e6d5b1ee006e3262f07eecbaaed1dd9e839aa
7d87a30307a6d258dfbc668e9317313e89dd3ba83abd8a09c4506bbe81f3f477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8e5fb5bdf5f374d27c6692d52352942b
e04770a6afe3ff794e665c712242f314bdc2c7cf
cd995753a8678e5e49a78a076f512cc4fa40c4ecadcfbe8feaf5f8acba2e939a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 47605b92fef0ccde4f954c340bdd6883
ae52b921f6a3eb54cff2a89288ef344010a69dfc
61ba407246803693267b99700f8c39c8f1251cb6b464de102f30b18e1f008ef7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 47605b92fef0ccde4f954c340bdd6883
ae52b921f6a3eb54cff2a89288ef344010a69dfc
61ba407246803693267b99700f8c39c8f1251cb6b464de102f30b18e1f008ef7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
142.250.74.132 200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:80
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
File type ASCII text, with very long lines (2193)
Hash 4e8bf06b73ee6cdf9a480bcb25f9b736
50f98909432add8a775b74dda6394f5ad49ebde9
ffb2b782cc56ac73fe0954f3ab54d5840d58fe49c668159abfd4d3fc266612f5
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 07 Apr 2023 01:35:08 GMT
expires: Fri, 07 Apr 2023 01:35:08 GMT
cache-control: private, max-age=3600
etag: "18123076506721609741"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.97 200 OK 174 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-003%2Cexp-0051%2Cauxa-control-1%2C317556&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.meneike.com%2Fcaf%2F%3Fses%3DY3JlPTE2ODA4MzEzMDcmdGNpZD13dzE2Lm1lbmVpa2UuY29tNjQyZjczNGJkNzBmMzQuOTMwOTM2NTEmdGFzaz1zZWFyY2gmZG9tYWluPW1lbmVpa2UuY29tJmFfaWQ9MyZzZXNzaW9uPVlqUml5b3FiUjZieldPb0ZWTm9s&type=3&uiopt=false&swp=as-drid-2605568720519176&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=7541680831308115&num=0&output=afd_ads&domain_name=ww16.meneike.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1680831308126&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=999&frm=0&cl=521491932&uio=--&cont=rb-default&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Fww16.meneike.com%2F%3Fsub1%3D20230407-1135-075f-bdaa-9fe639d6293b&adbw=slave-1-1%3A300%2Cmaster-1%3A467
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 63:B7:DA:B8:F4:6D:7F:D3:85:70:C7:6F:73:38:09:28:5E:9C:78:0C
Validity Mon, 13 Mar 2023 08:24:58 GMT - Mon, 05 Jun 2023 08:24:57 GMT
File type SVG Scalable Vector Graphics image; ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 06 Apr 2023 12:45:26 GMT
expires: Fri, 07 Apr 2023 11:45:26 GMT
cache-control: public, max-age=82800
age: 46182
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 47605b92fef0ccde4f954c340bdd6883
ae52b921f6a3eb54cff2a89288ef344010a69dfc
61ba407246803693267b99700f8c39c8f1251cb6b464de102f30b18e1f008ef7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Apr 2023 01:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=1ztzyv9w6dl8&aqid=THMvZI_5EuWBiM0PyouGcA&psid=9618345430&pbt=bs&adbx=406.66668701171875&adby=134.64999389648438&adbh=604&adbw=467&adbah=178%2C178%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=20%7C0%7C292%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
142.250.74.132 204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=1ztzyv9w6dl8&aqid=THMvZI_5EuWBiM0PyouGcA&psid=9618345430&pbt=bs&adbx=406.66668701171875&adby=134.64999389648438&adbh=604&adbw=467&adbah=178%2C178%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=20%7C0%7C292%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D7:4E:1B:2F:42:55:EA:42:0B:20:9F:F8:3C:07:ED:BE:50:2D:C0:4F
Validity Mon, 13 Mar 2023 08:18:01 GMT - Mon, 05 Jun 2023 08:18:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=1ztzyv9w6dl8&aqid=THMvZI_5EuWBiM0PyouGcA&psid=9618345430&pbt=bs&adbx=406.66668701171875&adby=134.64999389648438&adbh=604&adbw=467&adbah=178%2C178%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=20%7C0%7C292%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww16.meneike.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_S0zRpau7N69A_YFy-pHrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Fri, 07 Apr 2023 01:35:10 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=s9xcHt3DiWAyZOaag-chvQ4EVAXETvM5SAp-rGDWDbmZK05tKZzntyj-HFK8CTrqjsImTzXrfZdgdgkVojRaescZH0tXwqkLsOTy3eqfolnXDAqsRMO5DfClx3OlP-oQzm0J_RS2yFxfli1UeVxqItZbx6BYaKrj8ym9EfZ9tcc; expires=Sat, 07-Oct-2023 01:35:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
set-cookie: CONSENT=PENDING+965; expires=Sun, 06-Apr-2025 01:35:10 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=ogh0en1emsxu&aqid=THMvZI_5EuWBiM0PyouGcA&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=5%7C0%7C307%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
142.250.74.132 204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=ogh0en1emsxu&aqid=THMvZI_5EuWBiM0PyouGcA&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=5%7C0%7C307%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D7:4E:1B:2F:42:55:EA:42:0B:20:9F:F8:3C:07:ED:BE:50:2D:C0:4F
Validity Mon, 13 Mar 2023 08:18:01 GMT - Mon, 05 Jun 2023 08:18:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=ogh0en1emsxu&aqid=THMvZI_5EuWBiM0PyouGcA&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=5%7C0%7C307%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww16.meneike.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-GFMo-8uZPIFeqpQ1_PKq6Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Fri, 07 Apr 2023 01:35:10 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=gFxzY1PXUpPoPJa-Kw8-Nzpp4VPq95b7fjJD95RAQI6nt3K62Co1KpY8VwncVW94Ia4KHZLpXfTVCokXqV8c4ey1DMPguWLfDd_zBx0P6v4rONh-w8lWs4r3AeURXKCpB3S1AcOEz0zSMgK7yrTL9jHSNG6hnZ_XTMbWvZ-UffI; expires=Sat, 07-Oct-2023 01:35:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+454; expires=Sun, 06-Apr-2025 01:35:10 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=2a7x9zs11ft7&aqid=THMvZI_5EuWBiM0PyouGcA&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=5%7C0%7C307%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
142.250.74.132 204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=2a7x9zs11ft7&aqid=THMvZI_5EuWBiM0PyouGcA&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=5%7C0%7C307%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D7:4E:1B:2F:42:55:EA:42:0B:20:9F:F8:3C:07:ED:BE:50:2D:C0:4F
Validity Mon, 13 Mar 2023 08:18:01 GMT - Mon, 05 Jun 2023 08:18:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=2a7x9zs11ft7&aqid=THMvZI_5EuWBiM0PyouGcA&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=5%7C0%7C307%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww16.meneike.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3kp7aD7lhGjoz0Dfvau5Kg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Fri, 07 Apr 2023 01:35:10 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=hbO7X7PF9f-no689YTCesIupWwrvKHStN-2O0hm_-i06AzrrdNLsZlw8L0u1No3aSoxqWvltEbk-jpe6ni4aP_scPryttLu-ktsfp4cJb19q75sNt-C_4-Vvpxp59F3h5KAW-1m7D06i4CD9KuYNi-bncjzC_0NlUBVNGIIEyAQ; expires=Sat, 07-Oct-2023 01:35:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+454; expires=Sun, 06-Apr-2025 01:35:10 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=7o1eay3repbd&aqid=THMvZI_5EuWBiM0PyouGcA&psid=9618345430&pbt=bv&adbx=406.66668701171875&adby=134.64999389648438&adbh=604&adbw=467&adbah=178%2C178%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=20%7C0%7C292%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
142.250.74.132 204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=7o1eay3repbd&aqid=THMvZI_5EuWBiM0PyouGcA&psid=9618345430&pbt=bv&adbx=406.66668701171875&adby=134.64999389648438&adbh=604&adbw=467&adbah=178%2C178%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=20%7C0%7C292%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://ww16.meneike.com/?sub1=20230407-1135-075f-bdaa-9fe639d6293b
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint D7:4E:1B:2F:42:55:EA:42:0B:20:9F:F8:3C:07:ED:BE:50:2D:C0:4F
Validity Mon, 13 Mar 2023 08:18:01 GMT - Mon, 05 Jun 2023 08:18:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=7o1eay3repbd&aqid=THMvZI_5EuWBiM0PyouGcA&psid=9618345430&pbt=bv&adbx=406.66668701171875&adby=134.64999389648438&adbh=604&adbw=467&adbah=178%2C178%2C226&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=521491932&csala=20%7C0%7C292%7C180%7C310&lle=0&llm=1000&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww16.meneike.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-9DprhaA2UC-etffrKLSXKg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Fri, 07 Apr 2023 01:35:11 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=Q3V_Xj4p2YeDPOQ608bpK6Kf3pFQlp0nqLv3647cSdCOXcrjuePzGBxAamRBSuQE1yyahwEkGVWAWRWjAPEK10ctmxNreZHG5UA6W2RRkQz8cb6ot_bIJDuJ2GJ0XulmeDR5sYu9GYrw8HgUcwLmEQMNTCFs7-pVY7FsCQvtoGY; expires=Sat, 07-Oct-2023 01:35:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+375; expires=Sun, 06-Apr-2025 01:35:10 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
142.250.74.97 200 OK 391 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9618345430&channel=cl-003%2Cexp-0051%2Cauxa-control-1%2C317556&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.meneike.com%2Fcaf%2F%3Fses%3DY3JlPTE2ODA4MzEzMDcmdGNpZD13dzE2Lm1lbmVpa2UuY29tNjQyZjczNGJkNzBmMzQuOTMwOTM2NTEmdGFzaz1zZWFyY2gmZG9tYWluPW1lbmVpa2UuY29tJmFfaWQ9MyZzZXNzaW9uPVlqUml5b3FiUjZieldPb0ZWTm9s&type=3&uiopt=false&swp=as-drid-2605568720519176&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=7541680831308115&num=0&output=afd_ads&domain_name=ww16.meneike.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1680831308126&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=999&frm=0&cl=521491932&uio=--&cont=rb-default&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Fww16.meneike.com%2F%3Fsub1%3D20230407-1135-075f-bdaa-9fe639d6293b&adbw=slave-1-1%3A300%2Cmaster-1%3A467
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 63:B7:DA:B8:F4:6D:7F:D3:85:70:C7:6F:73:38:09:28:5E:9C:78:0C
Validity Mon, 13 Mar 2023 08:24:58 GMT - Mon, 05 Jun 2023 08:24:57 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (406), with no line terminators
Hash 6653daca97adbad3f25e7073d2e4f999
be41fc4458f754dea51e3bbd583b47b43265471d
10efdb7103a66ef938fd3514d867b71533ae71bdfd40ab3e2aedce1918066dcf
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 06 Apr 2023 12:06:46 GMT
expires: Fri, 07 Apr 2023 11:06:46 GMT
cache-control: public, max-age=82800
age: 48502
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2