192.64.119.46302 Found 49 B URL User Request GET HTTP/1.1 IP 192.64.119.46:80
File type HTML document, ASCII text
Hash 9b72d909b830815b281e34316ebd9a9b
5bc4512831a10857db7ddcd14f9c15b68ae11ad9
eabf3187dca830c48fd1c26732021800444c060ea6549c4a3d4b059a3d4fb729
NIDS Severity Alert suricata low ET INFO Namecheap URL Forward
GET / HTTP/1.1
Host: tripodus.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 15 Apr 2023 18:03:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 49
Connection: keep-alive
Location: http://www.tripodus.click/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
198.54.117.215200 OK 1.9 kB URL User Request GET HTTP/1.1 IP 198.54.117.215:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (319), with CRLF line terminators
Hash 36d8b3cf22d8a31ce3f0c12dc2f63b54
b94daba2aba3d479ba16c638577fc34997e28251
962060edf6f6e49402f04b67b38e3735805b76b9c965decc63c7e77d13c5eed9
GET / HTTP/1.1
Host: www.tripodus.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 18:03:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: namecheap-nginx
X-CST: MISS, HIT
Allow: GET, HEAD
Content-Encoding: gzip
i.cdnpark.com/themes/assets/style.css
143.204.55.68200 OK 359 B URL GET HTTP/1.1 i.cdnpark.com/themes/assets/style.css
IP 143.204.55.68:80
Requested by http://www.tripodus.click/
Hash 032ec25397c92f462776dcb9e6267c69
8920951fd2a5222d0776954873d3e94f2a910954
169fcc59cf94c77a091e2c55daef50b28332bf78508bf8555bb93a1e7342479f
GET /themes/assets/style.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 28 Nov 2022 10:41:35 GMT
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 02:37:19 GMT
ETag: W/"6384905f-37c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dPjl84XGOwEHuJKzNUErXeQC94tWxMxpjDgYOo_vJl22h0Asdfguuw==
Age: 57477
i.cdnpark.com/themes/registrar/style_namecheap.css
143.204.55.68200 OK 1.8 kB URL GET HTTP/1.1 i.cdnpark.com/themes/registrar/style_namecheap.css
IP 143.204.55.68:80
Requested by http://www.tripodus.click/
File type ASCII text, with very long lines (1313)
Hash 32662929dadf9b5a995b6a0b8106eeeb
1d8b6574edf5e05a28e5c74a6bd7359da35347a9
41a5e25c7119b26620ac929ad752b94086f5ca9fbbbf26e35af807eb4bfe2941
GET /themes/registrar/style_namecheap.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 02:37:19 GMT
ETag: W/"5ebab1f0-fa0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JN4__bImb7Cdeyrc1kfsi5gZj4ZkbUlQYvPC7OmZK4NlttiWuEnkGQ==
Age: 57036
i.cdnpark.com/themes/registrar/images/logo_namecheap.png
143.204.55.68200 OK 4.9 kB URL GET HTTP/1.1 i.cdnpark.com/themes/registrar/images/logo_namecheap.png
IP 143.204.55.68:80
Requested by http://www.tripodus.click/
File type PNG image data, 260 x 60, 8-bit colormap, non-interlaced\012- data
Hash 24cfc82dfacb3ecc2e1ba6600391576d
49eaca85596996a749c9d7407189fdb86845667e
903046ac1355826e49c089ca2dd88c720bff908adb1760ee6e1884755b6041f1
GET /themes/registrar/images/logo_namecheap.png HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4917
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 06:15:55 GMT
ETag: "5ebab1f0-1335"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UgOMFxyiIk1oYAMRwM0p2acI1BXqRUSq-5yE3Q_hwnox9FSCPWGOAQ==
Age: 43176
parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.tripodus.click&_t=1681581865710
185.53.179.29200 OK 3.6 kB URL GET HTTP/1.1 parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.tripodus.click&_t=1681581865710
IP 185.53.179.29:80
ASN #61969 Team Internet AG
Requested by http://www.tripodus.click/
File type HTML document, ASCII text, with very long lines (2972)
Hash 4f3b59d961e653ee42ebd7c78161c498
cdbc51da995325cc4628ed6aeb8983ce8db751be
a7eb07c156971db9780e5e50cbf1426a439f376a31c93e76d48c1d46ad56afc8
GET /jsparkcaf.php?regcn=243142&_v=2&_h=www.tripodus.click&_t=1681581865710 HTTP/1.1
Host: parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Apr 2023 18:03:01 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Language: norwegian
X-Domain: tripodus.click
X-Subdomain: www
X-Template: tpl_CleanPeppermintBlack_twoclick
www.google.com/adsense/domains/caf.js?abp=1
142.250.74.132200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1
IP 142.250.74.132:80
Requested by http://www.tripodus.click/
File type ASCII text, with very long lines (2193)
Hash 09f08f68fef663e132607dbbcb7d6f83
0c63e033580eb2990428967e3ca355044fd1dd6f
e9d8409ba2021d9ed6509d4b5acca91c17c1d679ad72401fd0232f6f823a1dcb
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 15 Apr 2023 18:03:01 GMT
Expires: Sat, 15 Apr 2023 18:03:01 GMT
Cache-Control: private, max-age=3600
ETag: "7798281312181003785"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
18.66.121.190200 OK 5.6 kB URL GET HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
IP 18.66.121.190:80
Requested by http://www.tripodus.click/
Hash 6f95d346f97b06c2d81a5cb147d35de0
c591eaa19ed0d227b4555f5e699b668b05aa40b0
35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6
GET /scripts/jsparkcaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 5638
Connection: keep-alive
Server: nginx
Date: Sat, 15 Apr 2023 00:52:40 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-1606"
X-Cache: Hit from cloudfront
Via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Cf-Id: R5i6RW8CNKS1SSlaOzUbOZ4MhmjhBfLf4TM8rNT5AsK8JbrAnqjsmA==
Age: 61821
js.parkingcrew.net/ls.php?t=643ae6d5&token=551e7678e3e2277c324524e4a350359ce0434ed4
185.53.178.30201 Created 16 B URL GET HTTP/1.1 js.parkingcrew.net/ls.php?t=643ae6d5&token=551e7678e3e2277c324524e4a350359ce0434ed4
IP 185.53.178.30:80
Requested by http://www.tripodus.click/
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=643ae6d5&token=551e7678e3e2277c324524e4a350359ce0434ed4 HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.tripodus.click
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Server: nginx
Date: Sat, 15 Apr 2023 18:03:01 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 643ae6d5fe1c9814ca08f084
Charset: utf-8
Access-Control-Allow-Origin: http://www.tripodus.click
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_f5b5QtL4b7b3hmysnEtv38dOF2yU0EE5Sv7TLuLt+9pfkwXkq0543eqomJIOr3UlmEtnqdCC10rIFQzPVl8l9w==
js.parkingcrew.net/track.php?domain=tripodus.click&toggle=browserjs&uid=MTY4MTU4MTc4MS4xODY6Y2JhY2FiOGU5YTNmMDRlODJkYWJiZDJlNTAzNjdmZDZjMWNhZDRjM2IzNGQwZWY2MzJiZjcxZjZlMmY3YjFlZjo2NDNhZTZkNTJkNjY4
185.53.178.30200 OK 20 B URL GET HTTP/1.1 js.parkingcrew.net/track.php?domain=tripodus.click&toggle=browserjs&uid=MTY4MTU4MTc4MS4xODY6Y2JhY2FiOGU5YTNmMDRlODJkYWJiZDJlNTAzNjdmZDZjMWNhZDRjM2IzNGQwZWY2MzJiZjcxZjZlMmY3YjFlZjo2NDNhZTZkNTJkNjY4
IP 185.53.178.30:80
Requested by http://www.tripodus.click/
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=tripodus.click&toggle=browserjs&uid=MTY4MTU4MTc4MS4xODY6Y2JhY2FiOGU5YTNmMDRlODJkYWJiZDJlNTAzNjdmZDZjMWNhZDRjM2IzNGQwZWY2MzJiZjcxZjZlMmY3YjFlZjo2NDNhZTZkNTJkNjY4 HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.tripodus.click
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Apr 2023 18:03:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
js.parkingcrew.net/assets/scripts/registrar-caf/243142.js
185.53.178.30200 OK 3.0 kB URL GET HTTP/1.1 js.parkingcrew.net/assets/scripts/registrar-caf/243142.js
IP 185.53.178.30:80
Requested by http://www.tripodus.click/
Hash 23316d6bbbe4b9d7c85945ce4c9428e5
f7c03d2a03416a697d658cf799620684f958664b
119710c0d9e01024bc9d65493a77b661196c02706ce008f5152f78b3c224a981
GET /assets/scripts/registrar-caf/243142.js HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Apr 2023 18:03:02 GMT
Content-Type: application/javascript
Content-Length: 2994
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-bb2"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 00e01e626f30855236b5e4c948c7746b
ccdb7e19dccadccd20ed6a2f65d7c83e49ba4590
976a751eb1236e7dda59d25208f1d4faff243f819b25ddeed0164113cd5a7b59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a5372c680ccd9d577eeb4e35e4c48a07
d7cad1ad6e74f42f5fd2400ebbba0b20955d6f82
5cf5619f88df379b21a203f37fd5efbb73a36f3e3c4c7b78d19a1b857d2860ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 00e01e626f30855236b5e4c948c7746b
ccdb7e19dccadccd20ed6a2f65d7c83e49ba4590
976a751eb1236e7dda59d25208f1d4faff243f819b25ddeed0164113cd5a7b59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/ads/i/iframe.html
142.250.74.132200 OK 729 B URL GET HTTP/2 www.google.com/afs/ads/i/iframe.html
IP 142.250.74.132:443
Requested by http://www.tripodus.click/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Hash d852f0a2df2ad4046b6b9b48b64ccb27
7b880ad7b79104117cdfb7e2d08dce527bffafda
259bdf55857a7274d351515dc571131a3098c90bb6fb0379771d95d963792508
GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tripodus.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-hdVRjQ624Eqd0b-VpZfduA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 729
date: Sat, 15 Apr 2023 18:03:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www.tripodus.click&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
216.58.207.226200 OK 242 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.tripodus.click&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:443
Requested by http://www.tripodus.click/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint4B:CB:DB:D2:14:E4:F5:46:FA:69:7D:5D:7F:77:3E:7B:A4:87:E2:E7
ValidityTue, 28 Mar 2023 16:51:59 GMT - Tue, 20 Jun 2023 16:51:58 GMT
File type ASCII text, with very long lines (368), with no line terminators
Hash dd09b1adc0a006210722fa81440999ce
ffbaa04023fb30988db64d8730de76d6c64c1bd8
ab5e911eb755e79af1478d8496ac911ee775e407b75e0a28861c86a3890a1a33
GET /gampad/cookie.js?domain=www.tripodus.click&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tripodus.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 15 Apr 2023 18:03:02 GMT
server: cafe
cache-control: private
content-length: 242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.tripodus.click%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000&format=r10%7Cs&nocache=4941681581866800&num=0&output=afd_ads&domain_name=www.tripodus.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681581866807&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.tripodus.click%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
142.250.74.132200 OK 3.0 kB URL GET HTTP/2 www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.tripodus.click%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000&format=r10%7Cs&nocache=4941681581866800&num=0&output=afd_ads&domain_name=www.tripodus.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681581866807&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.tripodus.click%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
IP 142.250.74.132:443
Requested by http://www.tripodus.click/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7395)
Hash ddea69179cc5a24bfb087accaf8d0062
c42c78152cdb3912548580a35c6d7ace5b0c03fb
eca72cecd213151642d8076bd7b73c11441e6c83674533d9e448b22ba3c38b15
GET /afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.tripodus.click%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000&format=r10%7Cs&nocache=4941681581866800&num=0&output=afd_ads&domain_name=www.tripodus.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681581866807&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.tripodus.click%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tripodus.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 15 Apr 2023 18:03:02 GMT
expires: Sat, 15 Apr 2023 18:03:02 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1u5-FAX4JfWlGndhj3afGA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 3024
x-xss-protection: 0
set-cookie: NID=511=Rp13VM8w3fAtv_1XSPGwWKNMLzXW52kvfYnVkLFgdsDRYUcHWJO27VlLWKPRIh2x6FuqNVPzm7x-4hnQ5xoJrWU4xEZhrsau5q2g3v4wAv3ZPYaxFzSV3bs2mFerkF6IE4rqCy1DKC3ZRwzILtQXB04LIRd7UCBHzEF1FCgD0xE; expires=Sun, 15-Oct-2023 18:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+099; expires=Mon, 14-Apr-2025 18:03:02 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4450867227bc81baa89c9e135f91e537
260e302cf5302fab19b92430bf84dafd1f42264c
d2c192beac9317754b0754287fb8a2373a60a1fc3ace1e55c88d92744b1abcba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a5372c680ccd9d577eeb4e35e4c48a07
d7cad1ad6e74f42f5fd2400ebbba0b20955d6f82
5cf5619f88df379b21a203f37fd5efbb73a36f3e3c4c7b78d19a1b857d2860ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:443
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.tripodus.click%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000&format=r10%7Cs&nocache=4941681581866800&num=0&output=afd_ads&domain_name=www.tripodus.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681581866807&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.tripodus.click%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with very long lines (2193)
Hash 166254cf95d517b09c7e5955714d65cd
6c5c11e41ece6d2dac5bf7f656bf6b9efb892827
b2c4d22f2414e7ca73760ea6400fdb94a7da4e31f10346e469bc6cd5d10d80ec
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 15 Apr 2023 18:03:02 GMT
expires: Sat, 15 Apr 2023 18:03:02 GMT
cache-control: private, max-age=3600
etag: "3306294254359549879"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ef38c91decc87d52e74191fae8678822
d979abf0931454ed2807174d06c435c8532ea68b
4a1a81a187ddcda8ca7c50fed7f452930726771843181d0dbdf8f3016523e75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ef38c91decc87d52e74191fae8678822
d979abf0931454ed2807174d06c435c8532ea68b
4a1a81a187ddcda8ca7c50fed7f452930726771843181d0dbdf8f3016523e75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
142.250.74.97200 OK 273 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.tripodus.click%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000&format=r10%7Cs&nocache=4941681581866800&num=0&output=afd_ads&domain_name=www.tripodus.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681581866807&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.tripodus.click%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 4879b4bfc581cab5b5c803866211a36e
e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a
6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 18:03:02 GMT
expires: Sun, 16 Apr 2023 17:03:02 GMT
cache-control: public, max-age=82800
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
142.250.74.97200 OK 174 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww.tripodus.click%2F%3Fcaf&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000&format=r10%7Cs&nocache=4941681581866800&num=0&output=afd_ads&domain_name=www.tripodus.click&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681581866807&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=329&frm=0&cl=523105112&uio=--&cont=tc_holder1&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fwww.tripodus.click%2F&adbw=slave-1-1%3A720%2Cmaster-1%3A720
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash aa3a2f86d22121bff6d29639ccf1a157
bb7bbcdc7c5391dd50b78233fefd3216df8b452e
867d889f103b1a4ce8d5d9dc67d027656ecb34002ca254a290e8ff7d64c8ee6d
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 18:03:02 GMT
expires: Sun, 16 Apr 2023 17:03:02 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ef38c91decc87d52e74191fae8678822
d979abf0931454ed2807174d06c435c8532ea68b
4a1a81a187ddcda8ca7c50fed7f452930726771843181d0dbdf8f3016523e75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 18:03:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=7tp9vcdd9ib&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C398%7C126%7C287&lle=0&ifv=1&usr=1
142.250.74.132204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=7tp9vcdd9ib&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C398%7C126%7C287&lle=0&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://www.tripodus.click/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=7tp9vcdd9ib&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bs&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C398%7C126%7C287&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.tripodus.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hNr_Wt0vtobCHwepnts50g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 15 Apr 2023 18:03:04 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=niFXQ5QWJw22MXwgSEvSvy_4WHMCITZa3NVAtDmCmDrtY3H6BQb02BNvpwd0cBSMJhoEsp7ASx0B7q3d0BAlX4buhaaECM7ejBIpEPpR0shjGxhJue6HzZdJwx6zYYTA3nAEbcNET7kogLR0zg-frxBOiNI8Z3QP8wGyQofF4AM; expires=Sun, 15-Oct-2023 18:03:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+112; expires=Mon, 14-Apr-2025 18:03:04 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=w7snw336bhy&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=19%7C0%7C385%7C126%7C287&lle=0&ifv=1&usr=1
142.250.74.132204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=w7snw336bhy&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=19%7C0%7C385%7C126%7C287&lle=0&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://www.tripodus.click/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=w7snw336bhy&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bs&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=19%7C0%7C385%7C126%7C287&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.tripodus.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-A7KJHnVgmM_LbSxCGcL1bg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 15 Apr 2023 18:03:04 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=GLjSFu05UONGY1BEedZ0WcIZxjrnmK7nujLD7_c7vHSx34Rorv3DIR670tCbn-wl3W9gIdzTz23lkmnCX0ApMoYUw2tXU1ew1LOufx-i_RNnfrWyAe8BM_1gDGqnfo3pn4czaCRLf0672LD23JOsZp7cXF9iL6RgU_pq-Iv3NNk; expires=Sun, 15-Oct-2023 18:03:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+027; expires=Mon, 14-Apr-2025 18:03:04 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=sq0gzwikketq&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C398%7C126%7C287&lle=0&ifv=1&usr=1
142.250.74.132204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=sq0gzwikketq&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C398%7C126%7C287&lle=0&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://www.tripodus.click/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=sq0gzwikketq&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bv&adbx=280&adby=807&adbh=36&adbw=720&adbn=slave-1-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=6%7C0%7C398%7C126%7C287&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.tripodus.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-C-Ne8HZWyFvVPcgSYD-yEg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 15 Apr 2023 18:03:05 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=ZDMHBRgssL-ivcjfK2Ij5KiWDt8wlkWYa3CmRNP3QHIzZ-EGAyu7iMit8qhvQZtCygmenoM75oFMOdaHFZKFI6w5eGw6ogRqKN5I83rwSW8SuxK0WmM-Axnan61y_KwkPMNynoHZM25RKeyEXmPbWhQ_7fW9M54ORgjc4f3n44E; expires=Sun, 15-Oct-2023 18:03:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+437; expires=Mon, 14-Apr-2025 18:03:04 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=8bufrcik0qmr&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=19%7C0%7C385%7C126%7C287&lle=0&ifv=1&usr=1
142.250.74.132204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=8bufrcik0qmr&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=19%7C0%7C385%7C126%7C287&lle=0&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://www.tripodus.click/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=8bufrcik0qmr&aqid=1uY6ZIHOEf2JiM0Pn8ijsAI&pbt=bv&adbx=280&adby=169&adbh=594&adbw=720&adbah=56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56%2C56&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=19%7C0%7C385%7C126%7C287&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://www.tripodus.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-jTVJ5K6BHWTmLqkgFhLrHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 15 Apr 2023 18:03:05 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=HsBU4gF29JA0GaylGhqubnFi9oiSQoH5fXEzNr82mXUq3qxrmm2obfTY2r-T6n-uIBkwqAHRLk2jNp7yyLoea2sZHqizR6_tAHkf78ePZbb37MiYuYN3D2gCDjqmZaFlgrqBwXEr5UV8EXD90f9uEVdX7bjn0nCEDpj5-zqdgmo; expires=Sun, 15-Oct-2023 18:03:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+436; expires=Mon, 14-Apr-2025 18:03:04 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js.parkingcrew.net/track.php?domain=tripodus.click&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTU4MTc4MS4xODY6Y2JhY2FiOGU5YTNmMDRlODJkYWJiZDJlNTAzNjdmZDZjMWNhZDRjM2IzNGQwZWY2MzJiZjcxZjZlMmY3YjFlZjo2NDNhZTZkNTJkNjY4
185.53.178.30200 OK 0 B URL GET HTTP/1.1 js.parkingcrew.net/track.php?domain=tripodus.click&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTU4MTc4MS4xODY6Y2JhY2FiOGU5YTNmMDRlODJkYWJiZDJlNTAzNjdmZDZjMWNhZDRjM2IzNGQwZWY2MzJiZjcxZjZlMmY3YjFlZjo2NDNhZTZkNTJkNjY4
IP 185.53.178.30:80
Requested by http://www.tripodus.click/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.php?domain=tripodus.click&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTU4MTc4MS4xODY6Y2JhY2FiOGU5YTNmMDRlODJkYWJiZDJlNTAzNjdmZDZjMWNhZDRjM2IzNGQwZWY2MzJiZjcxZjZlMmY3YjFlZjo2NDNhZTZkNTJkNjY4 HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.tripodus.click
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Apr 2023 18:03:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.tripodus.click/favicon.ico
0.0.0.0 0 B URL GET www.tripodus.click/favicon.ico
IP 0.0.0.0:0
Requested by http://www.tripodus.click/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.tripodus.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tripodus.click/
Pragma: no-cache
Cache-Control: no-cache