Report - whoyd.usa.cc/document/secure/management

Report Overview

Visited public
2023-09-26 17:52:37
Tags
URL
whoyd.usa.cc/document/secure/management
Finishing URL
ww7.usa.cc/document/secure/management
IP / ASN
69.16.231.57
#32244 LIQUIDWEB
Title
Usa.cc

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-25 23:16:14	425 B	1.5 kB	142.250.74.138
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-09-20 20:05:47	3.1 kB	62 kB	216.58.207.228
afs.googleusercontent.com	12123	2008-11-17	2013-05-06 21:11:00	2023-09-25 18:12:21	983 B	2.1 kB	142.250.74.129
whoyd.usa.cc	unknown	2019-11-17	2023-07-27 10:55:22	2023-07-27 10:55:22	411 B	344 B	69.16.231.57
ww7.usa.cc	unknown	2019-11-17	2021-02-11 22:09:12	2023-09-16 17:00:40	2.7 kB	46 kB	199.59.243.224
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-25 18:12:03	2.0 kB	4.2 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-26 17:52:19	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-26 17:52:19	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-26 17:52:19	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-26 17:52:20	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-26 17:52:20	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-26 17:52:20	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-26 17:52:20	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	ww7.usa.cc/beaawZjsq.js	ScriptElement	41 kB	2023-09-26	2023-09-28
Pretty URL ww7.usa.cc/beaawZjsq.js IP 199.59.243.224 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 16:01 Last Seen2023-09-28 17:51 Times Seen107 Hash 814d96e6ccfb23151425b4f6a4b426d4 7f2f1a602b14674a8597858e4b93ed6bc064ca30 d590bcca5983ac911fb6e70a5f2943b22421a6833ff45db433aa67f92b996e90 Loading...

	www.google.com/adsense/domains/caf.js	ScriptElement	152 kB	2023-09-22	2024-08-21
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-22 16:11 Last Seen2024-08-21 06:05 Times Seen165 Hash 5ee29d19f178f1cf433ca48eb0b1d2a5 e14920b7baf6b4c0c1fe5ec4010b4328dd27d26b 5682db9a6d13b5c88119a6de133b6b839e9c25d851a61f940c146e9163fac832 Loading...

	www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280	ScriptElement	1.6 kB	2024-08-21	2024-08-21
Pretty URL www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen1 Hash 40aafa3f1550611ded247e21510e27ee 3ded005341f757a98382aff0c8c7ae6cfbffa7cc 7b4e3981bb67355930c555185000147c28ace3e6dd02df639a2f0b86917efc65 Loading...

	www.google.com/adsense/domains/caf.js	ScriptElement	152 kB	2023-09-22	2023-09-28
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-22 15:55 Last Seen2023-09-28 11:07 Times Seen92 Hash eb16d20135bf8db456a8bb2b4055bedd 51718735d4b69ec54db63acb2792c4f4d8e9393d d8cb72918f23dcb51d809d96bbbe0161b5364c39ab3794c5ae21ae05671f75c6 Loading...

	ww7.usa.cc/document/secure/management	ScriptElement	319 B	2024-08-21	2024-08-21
Pretty URL ww7.usa.cc/document/secure/management IP 199.59.243.224 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen1 Hash d9553bab7444dd8f2d86b3c09eb33644 f095869ca81deacfd993a711c658113e4ea696b7 3220ab64445e3f56520551bd3cc8bce96462b6d3cd6df82336133c564c4e0874 Loading...

HTTP Transactions (20)

	URL	IP	Response	Size
	whoyd.usa.cc/document/secure/management	69.16.231.57		0 B
URL User Request GET whoyd.usa.cc/document/secure/management IP 69.16.231.57:0 ASN #32244 LIQUIDWEB File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /document/secure/management HTTP/1.1 Host: whoyd.usa.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Moved Temporarily Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Cache-Control: no-cache Content-Type: text/html; charset=UTF-8 Date: Tue, 26 Sep 2023 17:52:20 GMT Location: http://ww7.usa.cc/document/secure/management Pragma: no-cache Connection: Keep-Alive X-Powered-By: PHP/5.4.16 Content-Length: 0`

	ww7.usa.cc/document/secure/management	199.59.243.224	200 OK	1.0 kB
URL User Request GET HTTP/1.1 ww7.usa.cc/document/secure/management IP 199.59.243.224:80 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (334) Size 1.0 kB (1037 bytes) Hash 10dc380b68553842cb5a2fb66e23e182 188546e568005eb1b4fcc26979d02e8187a4887b e56ecbb8540a867bd64dabf18fa21d9f14fb83b9efaea56fd21613d254fb5038 HTTP Headers `GET /document/secure/management HTTP/1.1 Host: ww7.usa.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK date: Tue, 26 Sep 2023 17:52:20 GMT content-type: text/html; charset=utf-8 content-length: 1037 x-request-id: df82b6f5-9061-4d70-a850-c96ee94068ac cache-control: no-store, max-age=0 accept-ch: sec-ch-prefers-color-scheme critical-ch: sec-ch-prefers-color-scheme vary: sec-ch-prefers-color-scheme x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_n7c5KeBoJLPpc0U+hY4XZp63VUBSyBPaybW0vndnzmYsntlqRvH8OW770yC1qIXBsyTKjM22kq1wPds8trIV+A== set-cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac; expires=Tue, 26 Sep 2023 18:07:20 GMT; path=/

	ww7.usa.cc/beaawZjsq.js	199.59.243.224	200 OK	41 kB
URL GET HTTP/1.1 ww7.usa.cc/beaawZjsq.js IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww7.usa.cc/document/secure/management File type Unicode text, UTF-8 text, with very long lines (40547) Size 41 kB (40550 bytes) Hash 814d96e6ccfb23151425b4f6a4b426d4 7f2f1a602b14674a8597858e4b93ed6bc064ca30 d590bcca5983ac911fb6e70a5f2943b22421a6833ff45db433aa67f92b996e90 HTTP Headers `GET /beaawZjsq.js HTTP/1.1 Host: ww7.usa.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww7.usa.cc/document/secure/management Cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK date: Tue, 26 Sep 2023 17:52:21 GMT content-type: application/javascript; charset=utf-8 content-length: 40550 x-request-id: ec90cdee-06b0-430c-a95d-0c3f15db0f31 set-cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac; expires=Tue, 26 Sep 2023 18:07:21 GMT`

	ww7.usa.cc/_fd	199.59.243.224	200 OK	2.0 kB
URL POST HTTP/1.1 ww7.usa.cc/_fd IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww7.usa.cc/document/secure/management File type ASCII text, with very long lines (3913), with no line terminators Size 2.0 kB (2017 bytes) Hash d21f62d0cb8ee50b77478206545c82e7 3f8bcb74d1ae95b0c1141a9eeff7837e205305b1 b45f45b37346015038a7e6ba6d82051ecf047669ecd0eb03428bd5c1aeab3c28 HTTP Headers `POST /_fd HTTP/1.1 Host: ww7.usa.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww7.usa.cc/document/secure/management Content-Type: application/json Origin: http://ww7.usa.cc DNT: 1 Connection: keep-alive Cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac Pragma: no-cache Cache-Control: no-cache Content-Length: 0` `HTTP/1.1 200 OK server: openresty date: Tue, 26 Sep 2023 17:52:20 GMT content-type: text/html; charset=UTF-8 content-encoding: gzip content-length: 2017 x-version: 2.106.5 expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache set-cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac; expires=Tue, 26 Sep 2023 18:07:21 GMT; Max-Age=900; path=/; httponly`

	ww7.usa.cc/px.gif?ch=1&rn=7.829965520213963	199.59.243.224	200 OK	42 B
URL GET HTTP/1.1 ww7.usa.cc/px.gif?ch=1&rn=7.829965520213963 IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww7.usa.cc/document/secure/management File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /px.gif?ch=1&rn=7.829965520213963 HTTP/1.1 Host: ww7.usa.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww7.usa.cc/document/secure/management Cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: openresty date: Tue, 26 Sep 2023 17:52:21 GMT content-type: image/gif content-length: 42 last-modified: Tue, 18 Jul 2023 15:33:43 GMT expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache accept-ranges: bytes`

	ww7.usa.cc/px.gif?ch=2&rn=7.829965520213963	199.59.243.224	200 OK	42 B
URL GET HTTP/1.1 ww7.usa.cc/px.gif?ch=2&rn=7.829965520213963 IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww7.usa.cc/document/secure/management File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /px.gif?ch=2&rn=7.829965520213963 HTTP/1.1 Host: ww7.usa.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://ww7.usa.cc/document/secure/management Cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: openresty date: Tue, 26 Sep 2023 17:52:21 GMT content-type: image/gif content-length: 42 last-modified: Tue, 18 Jul 2023 15:33:43 GMT expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache accept-ranges: bytes`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ca3afb7df10c01fb4a7514ea3f1493e1 7b234d99c8683384c389995c31d4b60b65ae8c53 d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 26 Sep 2023 17:52:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Quicksand	142.250.74.138	200 OK	916 B
URL GET HTTP/2 fonts.googleapis.com/css?family=Quicksand IP 142.250.74.138:443 ASN #15169 GOOGLE Requested by http://ww7.usa.cc/document/secure/management Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49 ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT File type gzip compressed data, max compression\012- data Size 916 B (916 bytes) Hash 9a8bb3bce701705e568b127e43581d1e fb6b2ceaabae58acb08df1ef2befab6000892ef0 48f2cd8a8f479c26cde71443d0827b3de6cc6874ec46f4ba96bf2c9192c5b353 HTTP Headers `GET /css?family=Quicksand HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww7.usa.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 26 Sep 2023 17:52:21 GMT date: Tue, 26 Sep 2023 17:52:21 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ca3afb7df10c01fb4a7514ea3f1493e1 7b234d99c8683384c389995c31d4b60b65ae8c53 d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 26 Sep 2023 17:52:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash e5f9f802e548a076e6066ecff6aa5bbb fb8dfabace38ae24e462d84eddc3d25b48b23a20 20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 26 Sep 2023 17:52:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280	216.58.207.228	200 OK	3.0 kB
URL GET HTTP/3 www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280 IP 216.58.207.228:443 ASN #15169 GOOGLE Requested by http://ww7.usa.cc/document/secure/management Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12935) Size 3.0 kB (2978 bytes) Hash da0d9c63e9cd44e2fae0305aad1fa57f e44e5be5226867cb81f223155f9a0daeceb4aecd 54c64e4df4fa4898dd19fa4211499e0eeb37f3146d3bdc682a6bdf92647ea7c7 HTTP Headers GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww7.usa.cc/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Tue, 26 Sep 2023 17:52:22 GMT expires: Tue, 26 Sep 2023 17:52:22 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JRclmjyVXrbiHmxjyoLBLA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 2978 x-xss-protection: 0 set-cookie: CONSENT=PENDING+820; expires=Thu, 25-Sep-2025 17:52:22 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash c0253495b9450234d02a692781f7d467 d2d244ab2c8669c0d0739c694d304fcc9c8a7b46 1875ff3c73d0060fa7d88bbd791a1999e25b8379de7624b507a017c1c7861820 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 26 Sep 2023 17:52:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/adsense/domains/caf.js	216.58.207.228	200 OK	55 kB
URL GET HTTP/3 www.google.com/adsense/domains/caf.js IP 216.58.207.228:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280 Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type ASCII text, with very long lines (2067) Size 55 kB (55300 bytes) Hash 604577f16f8a188b8d1c198518360aa1 210932b523055a60bdeb91595f23334e8593a1c4 582d4b1d4ccb1ef780c364edb606ed04b7ab86e68abd01cbaf2dd963ecc8015c HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Tue, 26 Sep 2023 17:52:22 GMT expires: Tue, 26 Sep 2023 17:52:22 GMT cache-control: private, max-age=3600 etag: "11791791817676355318" x-content-type-options: nosniff link: <https://afs.googlesyndication.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 86f13e0e5bd629070766ef73e2a67867 ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d 3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 26 Sep 2023 17:52:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff	142.250.74.129	200 OK	278 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff IP 142.250.74.129:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5 ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306) Size 278 B (278 bytes) Hash fe7dd8c3c629cc6e9cd6d3e4d3cbe905 59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18 5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e HTTP Headers `GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 278 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 26 Sep 2023 14:58:04 GMT expires: Wed, 27 Sep 2023 13:58:04 GMT cache-control: public, max-age=82800 age: 10458 last-modified: Tue, 27 Jun 2023 17:28:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 86f13e0e5bd629070766ef73e2a67867 ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d 3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 26 Sep 2023 17:52:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ww7.usa.cc/_tr	199.59.243.224	200 OK	22 B
URL POST HTTP/1.1 ww7.usa.cc/_tr IP 199.59.243.224:80 ASN #16509 AMAZON-02 Requested by http://ww7.usa.cc/document/secure/management File type ASCII text, with no line terminators Size 22 B (22 bytes) Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df HTTP Headers `POST /_tr HTTP/1.1 Host: ww7.usa.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww7.usa.cc/document/secure/management Content-Type: application/json Content-Length: 1597 Origin: http://ww7.usa.cc DNT: 1 Connection: keep-alive Cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: openresty date: Tue, 26 Sep 2023 17:52:22 GMT content-type: text/html; charset=UTF-8 content-encoding: gzip content-length: 22 x-version: 2.106.5 expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma: no-cache set-cookie: parking_session=df82b6f5-9061-4d70-a850-c96ee94068ac; expires=Tue, 26 Sep 2023 18:07:23 GMT; Max-Age=900; path=/; httponly`

	www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=gty04iskryrn&aqid=VhoTZYiYD6O7xdwPoKyWEA&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=566716232&csala=10%7C0%7C409%7C152%7C226&lle=0&ifv=1&usr=0&hpt=0	216.58.207.228	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=gty04iskryrn&aqid=VhoTZYiYD6O7xdwPoKyWEA&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=566716232&csala=10%7C0%7C409%7C152%7C226&lle=0&ifv=1&usr=0&hpt=0 IP 216.58.207.228:443 ASN #15169 GOOGLE Requested by http://ww7.usa.cc/document/secure/management Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=gty04iskryrn&aqid=VhoTZYiYD6O7xdwPoKyWEA&psid=3113057640&pbt=bs&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=566716232&csala=10%7C0%7C409%7C152%7C226&lle=0&ifv=1&usr=0&hpt=0 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww7.usa.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-t3K2VYfIZjtz3mRtNvM4kg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Tue, 26 Sep 2023 17:52:24 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=oo_u1Ep_BI6L1SUU_wyR5MJIkzgQq-NSjxViA8_wnRMbW5moZC8EgaSJxp-1lAF9uSjTse6czdmUi9PJBAKdY-sG72zwdcYx-ctpCsLi_rGVhMalaeVDcl8S6F5iCpew6oDHi8bIrTPNKSrZto6mxS97-5f6OsDjrfvMswhauwg; expires=Wed, 27-Mar-2024 17:52:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+463; expires=Thu, 25-Sep-2025 17:52:24 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=1kl4j2gkvlom&aqid=VhoTZYiYD6O7xdwPoKyWEA&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=566716232&csala=10%7C0%7C409%7C152%7C226&lle=0&ifv=1&usr=0&hpt=0	216.58.207.228	204 No Content	0 B
URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=1kl4j2gkvlom&aqid=VhoTZYiYD6O7xdwPoKyWEA&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=566716232&csala=10%7C0%7C409%7C152%7C226&lle=0&ifv=1&usr=0&hpt=0 IP 216.58.207.228:443 ASN #15169 GOOGLE Requested by http://ww7.usa.cc/document/secure/management Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=1kl4j2gkvlom&aqid=VhoTZYiYD6O7xdwPoKyWEA&psid=3113057640&pbt=bv&adbx=290&adby=145&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=566716232&csala=10%7C0%7C409%7C152%7C226&lle=0&ifv=1&usr=0&hpt=0 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://ww7.usa.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-bNpbrPfVlylnHA8avuwJNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Tue, 26 Sep 2023 17:52:24 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: NID=511=KRHMZ1VnG09nWmuA_dB-6JYKUT43PSWFzG_8ZhDmE52jjHSZTgOPy0MNU8U684hJSP8KK0Pk534UAVFI8G0dAxANL68-NGmuf7gQcdwu6fRZeJyOgEUpr3eE3WgUeFz8h519IXnsX4JI2ahvox18Ald1aziHgQ52n6Ok7xOYb6g; expires=Wed, 27-Mar-2024 17:52:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+205; expires=Thu, 25-Sep-2025 17:52:24 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b	142.250.74.129	200 OK	200 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b IP 142.250.74.129:443 ASN #15169 GOOGLE Requested by https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol317%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol471&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww7.usa.cc%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3&nocache=991695750742389&num=0&output=afd_ads&domain_name=ww7.usa.cc&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1695750742391&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=566716232&uio=-&cont=rs&jsid=caf&jsv=566716232&rurl=http%3A%2F%2Fww7.usa.cc%2Fdocument%2Fsecure%2Fmanagement&adbw=master-1%3A1280 Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5 ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 200 B (200 bytes) Hash e81eb30a6c5589e7f39436e40b400822 ca2513ede010b3db00099335b809ca693c2cd65c 055ae1fef3be182534069c718e2dc0ab07d7464bcc3ded19553da07d37333657 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 26 Sep 2023 14:59:01 GMT expires: Wed, 27 Sep 2023 13:59:01 GMT cache-control: public, max-age=82800 age: 10401 last-modified: Tue, 27 Jun 2023 17:28:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL POST HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1