Report - resgateseuspontoslivelodescobra.in.ua/resgateaqui/index2.php

Report Overview

Submitted URL
resgateseuspontoslivelodescobra.in.ua/resgateaqui/index2.php
IP
172.67.199.2
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 15:31:20
Access
public
Website Title
Google
Final URL
www.google.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-24	1.6 kB	80 kB	142.250.74.35
apis.google.com	105	1997-09-15	2013-05-06	2024-04-23	893 B	42 kB	142.250.74.110
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	27 kB	622 kB	142.250.74.164
resgateseuspontoslivelodescobra.in.ua	unknown	unknown	No data	No data	1.6 kB	397 kB	104.21.50.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	resgateseuspontoslivelodescobra.in.ua	Sinkholed
2024-04-24	medium	resgateseuspontoslivelodescobra.in.ua	Sinkholed
2024-04-24	medium	resgateseuspontoslivelodescobra.in.ua	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/ck=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAACAFEAD4QAKwAYgAABAAAAAhgAAAQApeB4AIUARAgGAAQgEAXgoHxAImYCACJAAkhDkIACASCYQQCoAMA4AAAAgAQAAAwQYgIBABAgPEQAAEOgABGABABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/ujg=1/rs=ACT90oE0DNZ5MmImrzBDW5atZ9zC9RpqEA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf?xjs=s1	408 kB	2024-04-24	2024-04-24
Pretty URL www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/ck=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAACAFEAD4QAKwAYgAABAAAAAhgAAAQApeB4AIUARAgGAAQgEAXgoHxAImYCACJAAkhDkIACASCYQQCoAMA4AAAAgAQAAAwQYgIBABAgPEQAAEOgABGABABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/ujg=1/rs=ACT90oE0DNZ5MmImrzBDW5atZ9zC9RpqEA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf?xjs=s1 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:30:44 Last Seen2024-04-24 17:31:28 Times Seen6 Hash 87636846eb8666a98a566c95262bbc64 8b3800078a379aff3c6be8457700ea0a0fc73262 7c481eb3153c526fa46668780666b67ad6e22e07a37f1727a478ccb96869a002 Loading...

	www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=sy19e,P10Owf,syoc,sy180,sy182,gSZvdb,syts,syty,sytz,WlNQGd,syoa,syug,syui,nabPbb,syob,syod,syoe,syof,syoh,DPreE,syk2,sytr,sytt,CnSW2d,kQvlef,syuh,fXO0xe?xjs=s3	24 kB	2024-04-24	2024-04-25
Pretty URL www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=sy19e,P10Owf,syoc,sy180,sy182,gSZvdb,syts,syty,sytz,WlNQGd,syoa,syug,syui,nabPbb,syob,syod,syoe,syof,syoh,DPreE,syk2,sytr,sytt,CnSW2d,kQvlef,syuh,fXO0xe?xjs=s3 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:18:05 Last Seen2024-04-25 00:11:28 Times Seen52 Hash 7e9724a59dd87daced0e73a43b299745 f5e370646a7a454966aa1e40fb122aa2517b39b3 1449a3dbf07cc3879dad6aa907014d0fdf85512f7bbfd060a685cc7fb24e1749 Loading...

	www.google.com/	19 kB	2024-04-24	2024-04-24
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 17:31:27 Last Seen2024-04-24 17:31:28 Times Seen1 Hash 334a72594d0124bf12262a09cc82029e 0f7da64cb9b7b3b2bd31d3e24437960ac3665b8c 4c1bf944504c5980cdb1b10264b4833a729cb044fcab303dd1c00238d5b7c502 Loading...

	www.google.com/	919 B	2024-04-24	2024-04-24
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 17:31:28 Last Seen2024-04-24 17:31:28 Times Seen1 Hash eb84d106acf310d92062292678f47157 a74084ae45729809da2d119c0b3d8d126be09768 2b6f9c01f2c782008fee390519ab4d1b8d765eeab9d8d3ff70bb635e2978f7ed Loading...

	www.google.com/	6.6 kB	2024-04-24	2024-04-24
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 17:31:28 Last Seen2024-04-24 17:31:28 Times Seen1 Hash 7b642bcceaf7506f02c4c1c71176c46f 77b07029c35b2f121d2eb6d5b6423b0527d68f9e e2e220d53b52e417cab4f2cae71799695ec04b2c5a6eb819c13cfc60bf593007 Loading...

	www.google.com/	21 kB	2024-04-24	2024-04-24
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 17:31:28 Last Seen2024-04-24 17:31:28 Times Seen1 Hash 09b0707c789ee64c8e9903e9a0449c93 ef89fa7227a328c2d2317e28fac90b51443c8bc9 6f9e4c907e67230b87b3ee4381e255eafcdcbf3c0e8e91474ea5475bb2b55fc1 Loading...

	www.google.com/	221 B	2023-03-29	2024-05-05
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:43:45 Last Seen2024-05-05 20:57:47 Times Seen7555 Hash 6dc4aabf73febe642ab12cc842746ad1 022abb57c0a9c4c81396f6ecf24166963eeb9757 f3738ce7f902b9610ebc559dae34c2f3da955a8c6d5aefbaf131851735bdd01f Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0	122 kB	2024-04-22	2024-05-05
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0 IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 20:08:14 Last Seen2024-05-05 20:57:47 Times Seen1953 Hash f46acd807a10216e6eee8ea51e0f14d6 4702f47070f7046689432dcf605f11364bc0fbed d6b84873d27e7e83cf5184aaef778f1ccb896467576cd8af2cad09b31b3c6086 Loading...

	www.google.com/	8.4 kB	2024-04-16	2024-05-02
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 09:50:46 Last Seen2024-05-02 06:34:50 Times Seen585 Hash 430edcd3067fa5a0f2eeb4855dd054ec a37acebe342dbbb1ff82d3dcf9b908b48200a99a 26d42d5e787c761325c600dede10455b6934ecdf61e964ba82618defbfb43a9a Loading...

	www.google.com/	30 kB	2024-04-24	2024-04-24
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 17:31:28 Last Seen2024-04-24 17:31:28 Times Seen1 Hash 20b1091df2fb3f21990ab00467d8a9ba 3cf7d4ece76198844ba8400dbfda61a9ad86a7af 30328530daa06048ad4e5ab6cea0bb290c5ba9fd92bcfac06946fe2ed97016b5 Loading...

	www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/ed=1/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl	877 kB	2024-04-24	2024-04-25
Pretty URL www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/ed=1/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:18:05 Last Seen2024-04-25 00:31:58 Times Seen86 Hash 80765ee0d6efefde13887fda618c33f0 17213f5705839cf1fa8a39a251106598198d94cc cd06e29b228db2f54065f2f86a1e8f102e6a348803804740d3f6f556866f4d12 Loading...

	www.gstatic.com/og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ	212 kB	2024-04-16	2024-05-02
Pretty URL www.gstatic.com/og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 09:50:45 Last Seen2024-05-02 06:34:51 Times Seen1173 Hash 45e1e970edc28aed4c5453e53d879eb8 42667b52c8dd17ff612a5566274a97c44e3ee164 5b08aec7133c1bccae41125ea9da612d569545b44fbeada68b791907909f52ad Loading...

	www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=kMFpHd,sy8l,bm51tf?xjs=s3	1.7 kB	2024-04-24	2024-04-25
Pretty URL www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=kMFpHd,sy8l,bm51tf?xjs=s3 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:18:05 Last Seen2024-04-25 00:31:58 Times Seen84 Hash becd95fe32448f8092923d4e57f7705d 164f7caf6dad5e61932ca3839b1e6b734a797d8e afa0ff7fc9e35d3569f7b9eaeea13ea5481ec8bf144a8dc18cfcf6cef43e2daa Loading...

HTTP Transactions (31)

URL IP Response Size

www.google.com/

142.250.74.164

200 OK

54 kB

URL User Request GET HTTP/2
www.google.com/
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14928)
Size
54 kB (53499 bytes)
Hash
2570b5fda8dfc2d978587a7327997f7b
e1765975c0f4860cdc786e505086fcac42560c1d
fdfe16150ea0a29fa5d2e7da41c5afd6a94a4399629a22dbf4e6c1a947e52462

HTTP Headers

GET / HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 15:30:56 GMT
expires: -1
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-jr89WSSxzqQWlfV_f7WK1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 53499
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; expires=Mon, 21-Oct-2024 15:30:56 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
__Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT; expires=Sun, 25-May-2025 07:49:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/xjs/_/ss/k=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA/d=1/ed=1/rs=ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl

142.250.74.164

200 OK

919 B

URL GET HTTP/3
www.google.com/xjs/_/ss/k=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA/d=1/ed=1/rs=ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
ASCII text, with very long lines (2251), with no line terminators
Size
919 B (919 bytes)
Hash
353b054537d4e95bdd38163724a0b7c7
15185020eb2f311e4d1d3e62cb58acf141e8631e
a553f6274d45e0838a352dbc2f60f02142a84516a97dee7279c7e4485d6612a3

HTTP Headers

GET /xjs/_/ss/k=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA/d=1/ed=1/rs=ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gws-team"
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-length: 919
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:53:48 GMT
expires: Thu, 24 Apr 2025 07:53:48 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 23 Apr 2024 20:56:32 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
age: 27428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resgateseuspontoslivelodescobra.in.ua/resgateaqui/index2.php

104.21.50.12

302 Found

261 B

URL User Request GET HTTP/2
resgateseuspontoslivelodescobra.in.ua/resgateaqui/index2.php
IP
104.21.50.12:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectresgateseuspontoslivelodescobra.in.ua
Fingerprint61:61:B0:EA:F8:12:D6:BE:F6:03:C3:5A:DB:20:68:93:E2:89:8B:C4
ValidityWed, 10 Apr 2024 16:25:30 GMT - Tue, 09 Jul 2024 16:25:29 GMT

File type
data
Size
261 B (261 bytes)
Hash
10448dba44d95ddc161f8fa4b159d39c
f09ceecfc91afe57755188e060b7dd6b58508be7
a86f23ddbc9afd2ac3bf53d52020e96c17e6d54c4bbef2b8082ad543021f946a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /resgateaqui/index2.php HTTP/1.1
Host: resgateseuspontoslivelodescobra.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 24 Apr 2024 15:30:54 GMT
content-type: text/html; charset=UTF-8
location: ../
x-powered-by: PHP/8.0.0
set-cookie: PHPSESSID=66p02j8pgeuqglnkcsp10on311; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9ONC%2BHWm%2BvUVa7TLSIlSW9Y7R5xYI%2BMhqqSuj%2FYxsolI9vml11wPSkhgc3nYTzcaD1ho0b9wrDTAErsaiTfs02%2BftOzaH6AeY62YK%2BwvVhvpRG11WtqyyVnnMwUk%2F%2FgD8i%2FDDz%2BpbYd%2FO1B4DKzOqUiXh1xkQil"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87972320187456cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

142.250.74.164

200 OK

6.0 kB

URL GET HTTP/3
www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
PNG image data, 272 x 92, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5969 bytes)
Hash
8f9327db2597fa57d2f42b4a6c5a9855
1737d3dfb411c07b86ed8bd30f5987a4dc397cc1
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_272x92dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 5969
date: Wed, 24 Apr 2024 15:30:56 GMT
expires: Wed, 24 Apr 2024 15:30:56 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&rt=wsrt.2383,cbt.302,hst.302&opi=89978449

142.250.74.164

204 No Content

0 B

URL POST HTTP/3
www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&rt=wsrt.2383,cbt.302,hst.302&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /gen_204?s=webhp&t=cap&atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&rt=wsrt.2383,cbt.302,hst.302&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-WftaWRaLa4xdVqI-a93fFw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:56 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/ed=1/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl

142.250.74.164

200 OK

305 kB

URL GET HTTP/3
www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/ed=1/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JavaScript source, ASCII text, with very long lines (549)
Size
305 kB (304767 bytes)
Hash
80765ee0d6efefde13887fda618c33f0
17213f5705839cf1fa8a39a251106598198d94cc
cd06e29b228db2f54065f2f86a1e8f102e6a348803804740d3f6f556866f4d12

HTTP Headers

GET /xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/ed=1/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gws-team"
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-length: 304767
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:07:53 GMT
expires: Thu, 24 Apr 2025 07:07:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 24 Apr 2024 06:32:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 30183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

142.250.74.164

200 OK

660 B

URL GET HTTP/3
www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
660 B (660 bytes)
Hash
c3dff0d9f30ec0bcf4dec9524505916b
4b378403acbebc3747e08c69b5fd7770a850c9eb
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3

HTTP Headers

GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/webp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 660
date: Wed, 24 Apr 2024 15:30:57 GMT
expires: Wed, 24 Apr 2024 15:30:57 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 22 Apr 2020 22:00:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/xjs/_/js/md=3/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA

142.250.74.164

200 OK

98 kB

URL GET HTTP/3
www.google.com/xjs/_/js/md=3/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JSON text data
Size
98 kB (98050 bytes)
Hash
2298f3e8d41b2ea3ec94122dd91aa852
425af4a65b13afce3081848942d45f43acba9cbd
167241cd187b83b9155967a1d63bbe895d14abccd2bc4197836b97ade8a54d79

HTTP Headers

GET /xjs/_/js/md=3/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gws-team"
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-length: 98050
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:08:01 GMT
expires: Thu, 24 Apr 2025 07:08:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 24 Apr 2024 06:32:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 30176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/client_204?atyp=i&biw=1280&bih=1024&ei=sCUpZoneEeXQwPAPhfOwkAo&opi=89978449

142.250.74.164

204 No Content

0 B

URL GET HTTP/3
www.google.com/client_204?atyp=i&biw=1280&bih=1024&ei=sCUpZoneEeXQwPAPhfOwkAo&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client_204?atyp=i&biw=1280&bih=1024&ei=sCUpZoneEeXQwPAPhfOwkAo&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-dgzoIhCqrXSPcpro_CIxfw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&rt=wsrt.2383,aft.930,afti.930,cbt.302,hst.302,prt.542&imn=12&ima=1&imad=0&imac=1&wh=1024&aft=1&aftp=1024&opi=89978449

142.250.74.164

204 No Content

0 B

URL POST HTTP/3
www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&rt=wsrt.2383,aft.930,afti.930,cbt.302,hst.302,prt.542&imn=12&ima=1&imad=0&imac=1&wh=1024&aft=1&aftp=1024&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /gen_204?s=webhp&t=aft&atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&rt=wsrt.2383,aft.930,afti.930,cbt.302,hst.302,prt.542&imn=12&ima=1&imad=0&imac=1&wh=1024&aft=1&aftp=1024&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-dNrhAmSOCsi8MFFOngi8BA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=webhp&t=all&imn=12&ima=1&imad=0&imac=1&wh=1024&aft=1&aftp=1024&adh=&ime=1&imex=1&imeh=1&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&scp=0&hp=&sys=hc.48&p=bs.true&rt=hst.302,cbt.302,prt.542,xjses.776,xjsee.865,xjs.865,dcl.926,afti.930,aft.930,fcp.565,aftqf.932,wsrt.2383,cst.33,dnst.0,rqst.149,rspt.16,sslt.20,rqstt.2250,unt.2213,cstt.2216,dit.2934&zx=1713972657351&opi=89978449

142.250.74.164

204 No Content

0 B

URL POST HTTP/3
www.google.com/gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=webhp&t=all&imn=12&ima=1&imad=0&imac=1&wh=1024&aft=1&aftp=1024&adh=&ime=1&imex=1&imeh=1&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&scp=0&hp=&sys=hc.48&p=bs.true&rt=hst.302,cbt.302,prt.542,xjses.776,xjsee.865,xjs.865,dcl.926,afti.930,aft.930,fcp.565,aftqf.932,wsrt.2383,cst.33,dnst.0,rqst.149,rspt.16,sslt.20,rqstt.2250,unt.2213,cstt.2216,dit.2934&zx=1713972657351&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=webhp&t=all&imn=12&ima=1&imad=0&imac=1&wh=1024&aft=1&aftp=1024&adh=&ime=1&imex=1&imeh=1&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&scp=0&hp=&sys=hc.48&p=bs.true&rt=hst.302,cbt.302,prt.542,xjses.776,xjsee.865,xjs.865,dcl.926,afti.930,aft.930,fcp.565,aftqf.932,wsrt.2383,cst.33,dnst.0,rqst.149,rspt.16,sslt.20,rqstt.2250,unt.2213,cstt.2216,dit.2934&zx=1713972657351&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-T3xUBG-1_gmxzlgYKTKewg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/inputtools/images/tia.png

142.250.74.35

200 OK

151 B

URL GET HTTP/2
www.gstatic.com/inputtools/images/tia.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 19 x 11, 8-bit/color RGBA, non-interlaced
Size
151 B (151 bytes)
Hash
0667c2bf932c77b80ef533c5dc1bd7ff
18015c76d9b6861d576841652e6963dad26a3e35
4ebecfbb2c9cff1741b805876370db38d862a037f652d6f647ce51995e03df2c

HTTP Headers

GET /inputtools/images/tia.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/inputtools
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="inputtools"
report-to: {"group":"inputtools","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/inputtools"}]}
content-length: 151
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 12:25:16 GMT
expires: Tue, 22 Apr 2025 12:25:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Jan 2024 08:58:00 GMT
content-type: image/png
vary: Origin
age: 183941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ

142.250.74.35

200 OK

77 kB

URL GET HTTP/2
www.gstatic.com/og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
JavaScript source, ASCII text, with very long lines (2114)
Size
77 kB (76580 bytes)
Hash
45e1e970edc28aed4c5453e53d879eb8
42667b52c8dd17ff612a5566274a97c44e3ee164
5b08aec7133c1bccae41125ea9da612d569545b44fbeada68b791907909f52ad

HTTP Headers

GET /og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 76580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:30:39 GMT
expires: Wed, 23 Apr 2025 07:30:39 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 13 Apr 2024 01:39:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 115218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/og/_/ss/k=og.qtm.a3zi8fXUiF0.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTt79n3RFARCJ_GRiGdMGqawQRc7ng

142.250.74.35

200 OK

637 B

URL GET HTTP/2
www.gstatic.com/og/_/ss/k=og.qtm.a3zi8fXUiF0.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTt79n3RFARCJ_GRiGdMGqawQRc7ng
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
ASCII text, with very long lines (1656), with no line terminators
Size
637 B (637 bytes)
Hash
6d4a0d5207d9bbbd1c2883019ce51430
1c69111af2eeed3126a7ed1bd2695a773e1e9010
5011634012c125543c665960003335fd3cc4ace3befb96b22bfe310ec8dd0c3c

HTTP Headers

GET /og/_/ss/k=og.qtm.a3zi8fXUiF0.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTt79n3RFARCJ_GRiGdMGqawQRc7ng HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:30:44 GMT
expires: Wed, 23 Apr 2025 07:30:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 09 Apr 2024 01:30:25 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
age: 115213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/ck=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAACAFEAD4QAKwAYgAABAAAAAhgAAAQApeB4AIUARAgGAAQgEAXgoHxAImYCACJAAkhDkIACASCYQQCoAMA4AAAAgAQAAAwQYgIBABAgPEQAAEOgABGABABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/ujg=1/rs=ACT90oE0DNZ5MmImrzBDW5atZ9zC9RpqEA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf?xjs=s1

142.250.74.164

200 OK

129 kB

URL GET HTTP/3
www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/ck=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAACAFEAD4QAKwAYgAABAAAAAhgAAAQApeB4AIUARAgGAAQgEAXgoHxAImYCACJAAkhDkIACASCYQQCoAMA4AAAAgAQAAAwQYgIBABAgPEQAAEOgABGABABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/ujg=1/rs=ACT90oE0DNZ5MmImrzBDW5atZ9zC9RpqEA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf?xjs=s1
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
ASCII text, with very long lines (8311)
Size
129 kB (128935 bytes)
Hash
87636846eb8666a98a566c95262bbc64
8b3800078a379aff3c6be8457700ea0a0fc73262
7c481eb3153c526fa46668780666b67ad6e22e07a37f1727a478ccb96869a002

HTTP Headers

GET /xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/ck=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAACAFEAD4QAKwAYgAABAAAAAhgAAAQApeB4AIUARAgGAAQgEAXgoHxAImYCACJAAkhDkIACASCYQQCoAMA4AAAAgAQAAAwQYgIBABAgPEQAAEOgABGABABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/ujg=1/rs=ACT90oE0DNZ5MmImrzBDW5atZ9zC9RpqEA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf?xjs=s1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gws-team"
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-length: 128935
date: Wed, 24 Apr 2024 15:30:57 GMT
expires: Thu, 24 Apr 2025 15:30:57 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 23 Apr 2024 20:56:32 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=no&authuser=0&psi=sCUpZoneEeXQwPAPhfOwkAo.1713972657323&dpr=1&nolsbt=1

142.250.74.164

200 OK

520 B

URL GET HTTP/3
www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=no&authuser=0&psi=sCUpZoneEeXQwPAPhfOwkAo.1713972657323&dpr=1&nolsbt=1
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
ASCII text
Size
520 B (520 bytes)
Hash
ead62799d0588298bd9f014a258ab4d4
ff3ab4fe6434a9124bb447afe479767d4f49adeb
be86ac6fd8336effd03ab634e16543165f89380ef1942fc3cde77ce11a67064b

HTTP Headers

GET /complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=no&authuser=0&psi=sCUpZoneEeXQwPAPhfOwkAo.1713972657323&dpr=1&nolsbt=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 15:30:57 GMT
expires: Wed, 24 Apr 2024 15:30:57 GMT
cache-control: private, max-age=3600
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hdGaS2FPhdWhW8JsWSMPqg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/favicon.ico

142.250.74.164

200 OK

1.5 kB

URL GET HTTP/3
www.google.com/favicon.ico
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
1.5 kB (1494 bytes)
Hash
f3418a443e7d841097c714d69ec4bcb8
49263695f6b0cdd72f45cf1b775e660fdc36c606
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 08:54:49 GMT
expires: Thu, 02 May 2024 08:54:49 GMT
cache-control: public, max-age=691200
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
age: 23768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0

142.250.74.110

200 OK

41 kB

URL GET HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintE8:68:ED:59:65:88:CD:45:4F:B0:64:88:FF:F3:32:D4:8B:C7:75:F0
ValidityMon, 18 Mar 2024 20:39:12 GMT - Mon, 10 Jun 2024 20:39:11 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
41 kB (41189 bytes)
Hash
f46acd807a10216e6eee8ea51e0f14d6
4702f47070f7046689432dcf605f11364bc0fbed
d6b84873d27e7e83cf5184aaef778f1ccb896467576cd8af2cad09b31b3c6086

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 41189
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 19:16:48 GMT
expires: Wed, 23 Apr 2025 19:16:48 GMT
cache-control: public, max-age=31536000
age: 72849
last-modified: Mon, 15 Apr 2024 17:34:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/xjs/_/ss/k=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA/d=0/dg=2/rs=ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ/m=syk2?xjs=s3

142.250.74.164

200 OK

421 B

URL GET HTTP/3
www.google.com/xjs/_/ss/k=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA/d=0/dg=2/rs=ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ/m=syk2?xjs=s3
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
ASCII text, with very long lines (827), with no line terminators
Size
421 B (421 bytes)
Hash
22fc5eebbc1384767fee12e2c5c84cf2
4685ea5cb2c505629ecd53ccc93dd47be46f42e1
2b14c10c303f38be853811217b64c51205417e52c4ebcca4637228fb61dc0715

HTTP Headers

GET /xjs/_/ss/k=xjs.hd.kQ6bgQPMX2A.L.F4.O/am=wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA/d=0/dg=2/rs=ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ/m=syk2?xjs=s3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gws-team"
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-length: 421
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 09:09:31 GMT
expires: Thu, 24 Apr 2025 09:09:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 23 Apr 2024 20:56:32 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
age: 22886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.164

200 OK

7.8 kB

URL GET HTTP/3
www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=sy19e,P10Owf,syoc,sy180,sy182,gSZvdb,syts,syty,sytz,WlNQGd,syoa,syug,syui,nabPbb,syob,syod,syoe,syof,syoh,DPreE,syk2,sytr,sytt,CnSW2d,kQvlef,syuh,fXO0xe?xjs=s3
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JavaScript source, ASCII text, with very long lines (519)
Size
7.8 kB (7753 bytes)
Hash
7e9724a59dd87daced0e73a43b299745
f5e370646a7a454966aa1e40fb122aa2517b39b3
1449a3dbf07cc3879dad6aa907014d0fdf85512f7bbfd060a685cc7fb24e1749

HTTP Headers

GET /xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=sy19e,P10Owf,syoc,sy180,sy182,gSZvdb,syts,syty,sytz,WlNQGd,syoa,syug,syui,nabPbb,syob,syod,syoe,syof,syoh,DPreE,syk2,sytr,sytt,CnSW2d,kQvlef,syuh,fXO0xe?xjs=s3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gws-team"
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-length: 7753
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:17:41 GMT
expires: Thu, 24 Apr 2025 07:17:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 24 Apr 2024 06:32:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 29596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?atyp=i&ei=sCUpZoneEeXQwPAPhfOwkAo&dt19=2&zx=1713972657728&opi=89978449

142.250.74.164

204 No Content

0 B

URL POST HTTP/3
www.google.com/gen_204?atyp=i&ei=sCUpZoneEeXQwPAPhfOwkAo&dt19=2&zx=1713972657728&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /gen_204?atyp=i&ei=sCUpZoneEeXQwPAPhfOwkAo&dt19=2&zx=1713972657728&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-NDttqyfSZZgfCck9Fiemww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=promo&rt=hpbas.1313&zx=1713972657730&opi=89978449

142.250.74.164

204 No Content

0 B

URL POST HTTP/3
www.google.com/gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=promo&rt=hpbas.1313&zx=1713972657730&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=promo&rt=hpbas.1313&zx=1713972657730&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-qcHoxkQRIH6Ti20nxDzOJw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/client_204?cs=1&opi=89978449

142.250.74.164

204 No Content

0 B

URL GET HTTP/3
www.google.com/client_204?cs=1&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client_204?cs=1&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-KqnBS72dqhQGkwTUig90jg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=19.SE=YuyHvwpOVQTA2RVCegFVPbYnBEEN4A0q7NEn6WDXSkya7sdq4hfTN_Hz5cstSIbvDLYvRJo5sWpF_4jr1tQKthyodAMNqZgMXWVtosSiII_TZbGtCMjjCg0tP2YKdQUVMccG0rtqwVD4GYP-jjXacpC0hit-7B8Ycclqlh_zRLv1-pmU7YYadWuLrxnH84wk2ExWr9VNjBc; expires=Sun, 25-May-2025 07:49:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.164

200 OK

828 B

URL GET HTTP/3
www.google.com/xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=kMFpHd,sy8l,bm51tf?xjs=s3
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
JavaScript source, ASCII text, with very long lines (596)
Size
828 B (828 bytes)
Hash
becd95fe32448f8092923d4e57f7705d
164f7caf6dad5e61932ca3839b1e6b734a797d8e
afa0ff7fc9e35d3569f7b9eaeea13ea5481ec8bf144a8dc18cfcf6cef43e2daa

HTTP Headers

GET /xjs/_/js/k=xjs.hd.en.UgW3itXhU94.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh/d=0/dg=2/rs=ACT90oHvOnqcVlJkKsUVUdNsJHtxnhBufA/m=kMFpHd,sy8l,bm51tf?xjs=s3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gws-team"
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-length: 828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:17:42 GMT
expires: Thu, 24 Apr 2025 07:17:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 24 Apr 2024 06:32:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 29595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=sCUpZoneEeXQwPAPhfOwkAo&zx=1713972657821&opi=89978449

142.250.74.164

204 No Content

0 B

URL GET HTTP/3
www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=sCUpZoneEeXQwPAPhfOwkAo&zx=1713972657821&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=sCUpZoneEeXQwPAPhfOwkAo&zx=1713972657821&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=YuyHvwpOVQTA2RVCegFVPbYnBEEN4A0q7NEn6WDXSkya7sdq4hfTN_Hz5cstSIbvDLYvRJo5sWpF_4jr1tQKthyodAMNqZgMXWVtosSiII_TZbGtCMjjCg0tP2YKdQUVMccG0rtqwVD4GYP-jjXacpC0hit-7B8Ycclqlh_zRLv1-pmU7YYadWuLrxnH84wk2ExWr9VNjBc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-w1NFfGyhgN6Dh9EnGjtlWA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?atyp=csi&ei=sSUpZoWfL5W7wPAPpvCYsAU&s=async&astyp=hpba&ima=0&imn=0&hp=&rt=ttfb.79,st.93,bs.27,aaft.95,acrt.95,art.95&zx=1713972657826&opi=89978449

142.250.74.164

204 No Content

0 B

URL POST HTTP/3
www.google.com/gen_204?atyp=csi&ei=sSUpZoWfL5W7wPAPpvCYsAU&s=async&astyp=hpba&ima=0&imn=0&hp=&rt=ttfb.79,st.93,bs.27,aaft.95,acrt.95,art.95&zx=1713972657826&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /gen_204?atyp=csi&ei=sSUpZoWfL5W7wPAPpvCYsAU&s=async&astyp=hpba&ima=0&imn=0&hp=&rt=ttfb.79,st.93,bs.27,aaft.95,acrt.95,art.95&zx=1713972657826&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=YuyHvwpOVQTA2RVCegFVPbYnBEEN4A0q7NEn6WDXSkya7sdq4hfTN_Hz5cstSIbvDLYvRJo5sWpF_4jr1tQKthyodAMNqZgMXWVtosSiII_TZbGtCMjjCg0tP2YKdQUVMccG0rtqwVD4GYP-jjXacpC0hit-7B8Ycclqlh_zRLv1-pmU7YYadWuLrxnH84wk2ExWr9VNjBc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-42dLuwaGr91H_pXHm74A5A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=promo&rt=hpbas.1313,hpbarr.98&zx=1713972657827&opi=89978449

142.250.74.164

204 No Content

0 B

URL POST HTTP/3
www.google.com/gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=promo&rt=hpbas.1313,hpbarr.98&zx=1713972657827&opi=89978449
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /gen_204?atyp=csi&ei=sCUpZoneEeXQwPAPhfOwkAo&s=promo&rt=hpbas.1313,hpbarr.98&zx=1713972657827&opi=89978449 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=YuyHvwpOVQTA2RVCegFVPbYnBEEN4A0q7NEn6WDXSkya7sdq4hfTN_Hz5cstSIbvDLYvRJo5sWpF_4jr1tQKthyodAMNqZgMXWVtosSiII_TZbGtCMjjCg0tP2YKdQUVMccG0rtqwVD4GYP-jjXacpC0hit-7B8Ycclqlh_zRLv1-pmU7YYadWuLrxnH84wk2ExWr9VNjBc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zgK7zCZI3iRLXCgYQAtRCQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/async/hpba?vet=10ahUKEwiJ9tTalduFAxVlKBAIHYU5DKIQj-0KCCA..i&ei=sCUpZoneEeXQwPAPhfOwkAo&opi=89978449&yv=3&cs=0&async=isImageHp:false,eventId:sCUpZoneEeXQwPAPhfOwkAo,_ck:xjs.hd.kQ6bgQPMX2A.L.F4.O,_k:xjs.hd.en.UgW3itXhU94.O,_am:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh,_cssam:wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA,_csss:ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ,_fmt:prog,_id:a3JU5b

142.250.74.164

200 OK

84 B

URL GET HTTP/3
www.google.com/async/hpba?vet=10ahUKEwiJ9tTalduFAxVlKBAIHYU5DKIQj-0KCCA..i&ei=sCUpZoneEeXQwPAPhfOwkAo&opi=89978449&yv=3&cs=0&async=isImageHp:false,eventId:sCUpZoneEeXQwPAPhfOwkAo,_ck:xjs.hd.kQ6bgQPMX2A.L.F4.O,_k:xjs.hd.en.UgW3itXhU94.O,_am:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh,_cssam:wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA,_csss:ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ,_fmt:prog,_id:a3JU5b
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
ASCII text, with no line terminators
Size
84 B (84 bytes)
Hash
595fbea4f42b8da21d4eb7f6c72d0cc0
cf42b8cce73520877949448881b0fd9aa6571c44
8589d2085f5a769f064ada3f733d9d6bcd71e3366c75841ea1b80f359a462433

HTTP Headers

GET /async/hpba?vet=10ahUKEwiJ9tTalduFAxVlKBAIHYU5DKIQj-0KCCA..i&ei=sCUpZoneEeXQwPAPhfOwkAo&opi=89978449&yv=3&cs=0&async=isImageHp:false,eventId:sCUpZoneEeXQwPAPhfOwkAo,_ck:xjs.hd.kQ6bgQPMX2A.L.F4.O,_k:xjs.hd.en.UgW3itXhU94.O,_am:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACAEEABAAAKAAAgAAAAAAAAhgAAAQAheB4AIUAQAgGAAQgEAXgoHwAImACAAIAAgBCAIAAASAAAACgAAAAAAAAAAAAAAwQQAAAAAAAAAAAAAOgAAEAAABAMEAIAEAAAAIA8AMEBMEhBAAAAAAAAAAAAAIAAJgjmggQEBEAAAAAAAAAAAAAAAKTSiYUh,_cssam:wAoAAAAAAAAGAAAAAAAAAAAAAAAAAAQAQAAAAAAAFAAC4QACwAYAAABAAAAABAAAAQAoMBwAAAABAgGAAQAAAQAADBAIAYCACJAAkhBkIACASCYQQCoAMA4AAAAgAQAAAAQIgIBABAgPEQAAEOgABCABAAAMEAIAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAggAAAAEAAAAAAAAAAAAAAAAAIA,_csss:ACT90oEq64VR6sjigETrr97GUlGgfnD1gQ,_fmt:prog,_id:a3JU5b HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
version: 627089961
x-content-type-options: nosniff
content-type: text/plain; charset=UTF-8
content-disposition: attachment; filename="f.txt"
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
content-encoding: br
date: Wed, 24 Apr 2024 15:30:57 GMT
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resgateseuspontoslivelodescobra.in.ua/resgateaqui/

104.21.50.12

302 Found

197 kB

URL User Request GET HTTP/3
resgateseuspontoslivelodescobra.in.ua/resgateaqui/
IP
104.21.50.12:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectresgateseuspontoslivelodescobra.in.ua
Fingerprint61:61:B0:EA:F8:12:D6:BE:F6:03:C3:5A:DB:20:68:93:E2:89:8B:C4
ValidityWed, 10 Apr 2024 16:25:30 GMT - Tue, 09 Jul 2024 16:25:29 GMT

File type

Size
197 kB (197370 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /resgateaqui/ HTTP/1.1
Host: resgateseuspontoslivelodescobra.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=66p02j8pgeuqglnkcsp10on311
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 24 Apr 2024 15:30:56 GMT
content-type: text/html; charset=UTF-8
location: https://www.google.com
x-powered-by: PHP/8.0.0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oarUHDx8eKUvOnRyQ0wbNCCa1d1x9uASnQ6G0kAPDjlpKPF6p1RghIiIiwJHtd4%2Fogb%2BHJtrl4vzFpG5oivYXrixtv%2B%2BCENqFJN2vRn8V0fhmmEoFvWO8ps2MEA51mFpYPVELk6SFnFHyaEX8XB24UkY6bFdMVgs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87972329ac8f7128-OSL
alt-svc: h3=":443"; ma=86400

resgateseuspontoslivelodescobra.in.ua/

104.21.50.12

302 Found

197 kB

URL User Request GET HTTP/2
resgateseuspontoslivelodescobra.in.ua/
IP
104.21.50.12:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectresgateseuspontoslivelodescobra.in.ua
Fingerprint61:61:B0:EA:F8:12:D6:BE:F6:03:C3:5A:DB:20:68:93:E2:89:8B:C4
ValidityWed, 10 Apr 2024 16:25:30 GMT - Tue, 09 Jul 2024 16:25:29 GMT

File type

Size
197 kB (197370 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: resgateseuspontoslivelodescobra.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=66p02j8pgeuqglnkcsp10on311
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 24 Apr 2024 15:30:55 GMT
content-type: text/html; charset=UTF-8
location: resgateaqui/
x-powered-by: PHP/8.0.0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FnCh6yxQZjYWZE%2BIIcEsEXVzUYiDHWmhxyZ0JnTxZjF0dY2WakAae%2B8A6xXViAiPFEbxkF7mpBvm3vjyyl0b0Yzq3OQXlZbRPu08cEsKlyQ1VO1LpyyFg%2FyG%2F9msJhN7pW0gaHXn5qZZwKsPHAn3QJhz9WAv9%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87972322db4556cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/tia/tia.png

142.250.74.164

200 OK

258 B

URL GET HTTP/3
www.google.com/tia/tia.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
PNG image data, 27 x 23, 8-bit/color RGB, non-interlaced
Size
258 B (258 bytes)
Hash
201e50d8dd7a30c0a918213686ca43b7
6678592120e899f0d2245c8afeaf9d4a3043c41b
c532312eea8020a0370685b222a02b11becd58cd394b509029dff5956127dd81

HTTP Headers

GET /tia/tia.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; AEC=AQTF6HxFlHSGbEtlrneu6MXognf8E3kUDDAW0tkLXOvpFb0_EjCCvjuHVgI; __Secure-ENID=19.SE=H3tPjhufRfo1g8kztC52FN6BHdLG0V5zzQKanvV9_oTxApTkEgMw9QWIiG5N6E3uD13UDoBBzqHxp6a2Xa-OQK889fWRtXjs4xAowSmsz1vIqJoVAHKCBjO7e6eTJC9hvW7cdXEfsnIFEcd5OHM-c5HJyP_koTnKCGVUJpLdCQCak3Ck6gDQjHNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 258
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:50:16 GMT
expires: Fri, 18 Apr 2025 02:50:16 GMT
cache-control: public, max-age=31536000
age: 564040
last-modified: Fri, 27 Sep 2019 01:00:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML