Report - yansex.net/

Report Overview

Submitted URL
yansex.net/
IP
185.53.177.50
ASN
#61969 Team Internet AG
Submitted
2024-04-25 22:15:55
Access
public
Website Title
yansex.net
Final URL
yansex.net/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22	2024-04-24	471 B	12 kB	54.230.241.34
yansex.net	unknown	unknown	No data	No data	2.5 kB	102 kB	185.53.177.50
www.adsensecustomsearchads.com	unknown	2011-01-28	2015-09-02	2024-04-25	3.3 kB	196 kB	216.58.211.14
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2024-04-25	995 B	2.1 kB	142.250.74.97
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	427 B	191 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	yansex.net	Sinkholed
2024-04-25	medium	yansex.net	Sinkholed
2024-04-25	medium	yansex.net	Sinkholed
2024-04-25	medium	yansex.net	Sinkholed
2024-04-25	medium	yansex.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	yansex.net/	968 B	2023-03-08	2024-05-05
Pretty URL yansex.net/ IP 185.53.177.50 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24:08 Last Seen2024-05-05 10:30:14 Times Seen27869 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	yansex.net/	8.0 kB	2024-04-26	2024-04-26
Pretty URL yansex.net/ IP 185.53.177.50 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 00:16:01 Last Seen2024-04-26 00:16:01 Times Seen1 Hash 36c614b4f02b28a991b84aac849d5dc2 4db99e858f6bddc5515adadd41777ef097575a81 f012b529b0240469441385cad3afa3ff4e35c3e8adc7208e786064d8f697244c Loading...

	www.adsensecustomsearchads.com/adsense/domains/caf.js	190 kB	2024-04-25	2024-05-01
Pretty URL www.adsensecustomsearchads.com/adsense/domains/caf.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 21:33:28 Last Seen2024-05-01 20:38:29 Times Seen1006 Hash 7e32a8295164af82782088e06187ca26 6cae04ee783892e8ae1844506d9ee2b3dcc4ffa7 decd6ea4efaa872dc1edcdd29a07207efb282c79b903a885f5f3efcd64b526c1 Loading...

	www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F	915 B	2024-04-26	2024-04-26
Pretty URL www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 00:16:01 Last Seen2024-04-26 00:16:01 Times Seen1 Hash ef158cbc9f3a0e085f39291af3c77ae5 a5c30655158ad6b9f5254de7bfd42fd168843c11 3981f91f48b8c2175757db690c415360c92973195d12511776f012bc4d4a6dca Loading...

	yansex.net/	669 B	2024-04-26	2024-04-26
Pretty URL yansex.net/ IP 185.53.177.50 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 00:16:01 Last Seen2024-04-26 00:16:01 Times Seen1 Hash 2452903b0ac5d655612657351a61bafa 5af6e5dc5899ee1282c3f60c8b3bdb6c70b516f7 77ce82c5343478bb307eedcc82f46e0fbbbf5c2404b805a1dd08849f6779da68 Loading...

	yansex.net/	40 B	2023-08-09	2024-05-05
Pretty URL yansex.net/ IP 185.53.177.50 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-09 10:52:17 Last Seen2024-05-05 10:30:14 Times Seen9096 Hash fca3e6a61d4a07440e4f10c4dbaad8e3 41480802bf872b2d15f9cbcadba025fe326eac03 dfe5c5e10934e7abf7903d4ede3b8fa091c11bef63d675808e6314ec763185ee Loading...

	yansex.net/	483 B	2024-01-04	2024-05-05
Pretty URL yansex.net/ IP 185.53.177.50 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-04 10:26:15 Last Seen2024-05-05 10:30:14 Times Seen2910 Hash 18f2edc58d8a7b9e6b82454e8658c157 e5dfdd0fa61b3a5ef68dab382a0ba93e9e7b67fb 2d9b07a0704d92dda4deae88bc582aeb659923c8d44d0e7362e13cb28d88d250 Loading...

	yansex.net/	50 B	2024-01-04	2024-05-05
Pretty URL yansex.net/ IP 185.53.177.50 ASN #61969 Team Internet AG Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-04 10:26:15 Last Seen2024-05-05 10:30:14 Times Seen2872 Hash 1b334e0123cf0cb113092022fb726782 45abb42a6680499daa10d83d2859329de1843de2 42591f96b9a41a7e2e5ecd0240dd7fecdcf03ef8454b57c68f08697474a4b579 Loading...

	www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true	190 kB	2024-04-24	2024-04-30
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:28:04 Last Seen2024-04-30 17:42:34 Times Seen596 Hash 897277c2483f5e2098436b44787fbd62 903f66035a40f652f160272214c7ddf40ae12b2a 75c094124cda3ce0beba1b35bd4bea5a85495d53a871c66f55fbb8b027a63996 Loading...

HTTP Transactions (13)

URL IP Response Size

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

54.230.241.34

200 OK

11 kB

URL GET HTTP/2
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
54.230.241.34:443
ASN
#16509 AMAZON-02

Requested by
https://yansex.net/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced
Size
11 kB (11375 bytes)
Hash
0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 11375
server: nginx
date: Thu, 25 Apr 2024 17:26:57 GMT
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
accept-ranges: bytes
etag: "65fc1e7b-2c6f"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xYzkQRmd2YZWwoE79qr5rTbmEiuh3FhygFAs8g7EaiI_KWbg_Uaxig==
age: 17313
X-Firefox-Spdy: h2

yansex.net/

185.53.177.50

200 OK

5.8 kB

URL User Request GET HTTP/2
yansex.net/
IP
185.53.177.50:443
ASN
#61969 Team Internet AG

Certificate
IssuerLet's Encrypt
Subjectyansex.net
Fingerprint0E:56:EB:45:44:AB:B5:C0:E2:0D:16:6F:70:8F:B6:10:BE:39:0F:AF
ValidityTue, 05 Mar 2024 08:49:26 GMT - Mon, 03 Jun 2024 08:49:25 GMT

File type
HTML document, ASCII text, with very long lines (8019)
Size
5.8 kB (5776 bytes)
Hash
13ab4e742bdaa9f6fa827574342e1e62
cbe7780d7a5b35d855458862edf6a4eb31950a88
87315c7523d1303a3e0c35e2a068045dc159235c28a97111d1e0676c40c09329

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: yansex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":8443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 22:15:30 GMT
server: Caddy, nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Q2IuId9emOvGOCMUGmXpTBJSwHrxtXZTT/C0md/nbYyLvTW5qMTQlAkJYNfA/0xYWdDqGDSmfyg6dS59uXGbhQ==
x-buckets: bucket102
x-domain: yansex.net
x-forwarded-host: yansex.net
x-language: norwegian
x-ssl-c: v1
x-ssl-proxy: v2
x-subdomain: 
x-template: tpl_CleanPeppermintBlack_twoclick
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F

216.58.211.14

200 OK

2.9 kB

URL GET HTTP/2
www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://yansex.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99
ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (13906)
Size
2.9 kB (2915 bytes)
Hash
cdafe5d3dc9db3d6b3077c6afa0ee5ef
dc04897c8ebada03fcca1073e650b07a86fa8dbb
be4ac67bc55d37bd52e099bbe88a7507d656bdaa346d52efce4d59cb010f1bb2

HTTP Headers

GET /afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 25 Apr 2024 22:15:30 GMT
expires: Thu, 25 Apr 2024 22:15:30 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-rRynGBSw8d1r7Sww3oBeeA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.97

200 OK

174 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47
ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT

File type
SVG Scalable Vector Graphics image
Size
174 B (174 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 00:37:38 GMT
expires: Thu, 25 Apr 2024 23:37:38 GMT
cache-control: public, max-age=82800
age: 77873
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

yansex.net/track.php?domain=yansex.net&toggle=browserjs&uid=MTcxNDA4MzMzMC4yNjM1OjhjZWEwZDhjOGU5YWFhNmFkYWQyZDNhNDVlMzJjYWVmN2JmNmFmOTBkYmM2NWNlNGFiYTgyODhkYTQzY2I3ZGI6NjYyYWQ2MDI0MDU2Yg%3D%3D

185.53.177.50

200 OK

9.8 kB

URL GET HTTP/2
yansex.net/track.php?domain=yansex.net&toggle=browserjs&uid=MTcxNDA4MzMzMC4yNjM1OjhjZWEwZDhjOGU5YWFhNmFkYWQyZDNhNDVlMzJjYWVmN2JmNmFmOTBkYmM2NWNlNGFiYTgyODhkYTQzY2I3ZGI6NjYyYWQ2MDI0MDU2Yg%3D%3D
IP
185.53.177.50:443
ASN
#61969 Team Internet AG

Requested by
https://yansex.net/
Certificate
IssuerLet's Encrypt
Subjectyansex.net
Fingerprint0E:56:EB:45:44:AB:B5:C0:E2:0D:16:6F:70:8F:B6:10:BE:39:0F:AF
ValidityTue, 05 Mar 2024 08:49:26 GMT - Mon, 03 Jun 2024 08:49:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
9.8 kB (9833 bytes)
Hash
e56a5d7cb9c7644d94e20fc84420261d
86491888b603ddc53c577cad469cd954f7d22c53
646d7aed89c01a89ad129cf0635c7d856f4a425a0967cf7b34f26eb614e13060

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track.php?domain=yansex.net&toggle=browserjs&uid=MTcxNDA4MzMzMC4yNjM1OjhjZWEwZDhjOGU5YWFhNmFkYWQyZDNhNDVlMzJjYWVmN2JmNmFmOTBkYmM2NWNlNGFiYTgyODhkYTQzY2I3ZGI6NjYyYWQ2MDI0MDU2Yg%3D%3D HTTP/1.1
Host: yansex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 22:15:30 GMT
server: Caddy, nginx
vary: Accept-Encoding
x-custom-track: browserjs
x-forwarded-host: yansex.net
x-ssl-c: v1
x-ssl-proxy: v2
X-Firefox-Spdy: h2

yansex.net/ls.php?t=662ad602&token=fb2123bcc6f04f0cda6afc73c40ab607bb30bf05

185.53.177.50

201 Created

84 kB

URL GET HTTP/2
yansex.net/ls.php?t=662ad602&token=fb2123bcc6f04f0cda6afc73c40ab607bb30bf05
IP
185.53.177.50:443
ASN
#61969 Team Internet AG

Requested by
https://yansex.net/
Certificate
IssuerLet's Encrypt
Subjectyansex.net
Fingerprint0E:56:EB:45:44:AB:B5:C0:E2:0D:16:6F:70:8F:B6:10:BE:39:0F:AF
ValidityTue, 05 Mar 2024 08:49:26 GMT - Mon, 03 Jun 2024 08:49:25 GMT

File type
data
Size
84 kB (83498 bytes)
Hash
50bed0d8f69d1a415df545e35388ccbd
d7fc68caac410d3d725a60e07c279412ef8bf158
8ac7a8eb79a0482b013d41caba25ba7a68a45e90fe5dc5a1a0faab0e1fc4d9eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ls.php?t=662ad602&token=fb2123bcc6f04f0cda6afc73c40ab607bb30bf05 HTTP/1.1
Host: yansex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 201 Created
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: 
access-control-max-age: 86400
alt-svc: h3=":8443"; ma=2592000
charset: utf-8
content-type: text/javascript;charset=UTF-8
date: Thu, 25 Apr 2024 22:15:30 GMT
server: Caddy, nginx
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BVOCD0Ht18ORHZULlldE7nCP3y7rqn8kV5sQhM/QwpTwz+OzYDOYi5+iGKzQ0IcEaXgMMhIbW00FQ5sawaWIbg==
x-forwarded-host: yansex.net
x-log-success: 662ad602a84d8189dc0abcc5
x-ssl-c: v1
x-ssl-proxy: v2
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

142.250.74.97

200 OK

270 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47
ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT

File type
SVG Scalable Vector Graphics image
Size
270 B (270 bytes)
Hash
8959ddcd9712196961d93f58064ed655
62ab1e38e7e9fbf58a04381b76c2d96a9c829f24
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:47:07 GMT
expires: Thu, 25 Apr 2024 22:47:07 GMT
cache-control: public, max-age=82800
age: 80904
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=m1omb61kpnte&aqid=AtYqZs2GN_CAxdwP2b26qAY&psid=1167268112&pbt=bs&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=627058929&csala=7%7C0%7C446%7C86%7C78&lle=0&ifv=1&hpt=1

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=m1omb61kpnte&aqid=AtYqZs2GN_CAxdwP2b26qAY&psid=1167268112&pbt=bs&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=627058929&csala=7%7C0%7C446%7C86%7C78&lle=0&ifv=1&hpt=1
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://yansex.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99
ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=m1omb61kpnte&aqid=AtYqZs2GN_CAxdwP2b26qAY&psid=1167268112&pbt=bs&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=627058929&csala=7%7C0%7C446%7C86%7C78&lle=0&ifv=1&hpt=1 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-FJvTKT5F6F3QU5EqE2dz5A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 25 Apr 2024 22:15:32 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=lsnuv8d24o0i&aqid=AtYqZs2GN_CAxdwP2b26qAY&psid=1167268112&pbt=bv&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=627058929&csala=7%7C0%7C446%7C86%7C78&lle=0&ifv=1&hpt=1

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.adsensecustomsearchads.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=lsnuv8d24o0i&aqid=AtYqZs2GN_CAxdwP2b26qAY&psid=1167268112&pbt=bv&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=627058929&csala=7%7C0%7C446%7C86%7C78&lle=0&ifv=1&hpt=1
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://yansex.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99
ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=lsnuv8d24o0i&aqid=AtYqZs2GN_CAxdwP2b26qAY&psid=1167268112&pbt=bv&adbx=375&adby=94&adbh=496&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=627058929&csala=7%7C0%7C446%7C86%7C78&lle=0&ifv=1&hpt=1 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-amtHkEd58JnM3RQAKSxiCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Thu, 25 Apr 2024 22:15:33 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

yansex.net/track.php?domain=yansex.net&caf=1&toggle=answercheck&answer=yes&uid=MTcxNDA4MzMzMC4yNjM1OjhjZWEwZDhjOGU5YWFhNmFkYWQyZDNhNDVlMzJjYWVmN2JmNmFmOTBkYmM2NWNlNGFiYTgyODhkYTQzY2I3ZGI6NjYyYWQ2MDI0MDU2Yg%3D%3D

185.53.177.50

200 OK

0 B

URL GET HTTP/2
yansex.net/track.php?domain=yansex.net&caf=1&toggle=answercheck&answer=yes&uid=MTcxNDA4MzMzMC4yNjM1OjhjZWEwZDhjOGU5YWFhNmFkYWQyZDNhNDVlMzJjYWVmN2JmNmFmOTBkYmM2NWNlNGFiYTgyODhkYTQzY2I3ZGI6NjYyYWQ2MDI0MDU2Yg%3D%3D
IP
185.53.177.50:443
ASN
#61969 Team Internet AG

Requested by
https://yansex.net/
Certificate
IssuerLet's Encrypt
Subjectyansex.net
Fingerprint0E:56:EB:45:44:AB:B5:C0:E2:0D:16:6F:70:8F:B6:10:BE:39:0F:AF
ValidityTue, 05 Mar 2024 08:49:26 GMT - Mon, 03 Jun 2024 08:49:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track.php?domain=yansex.net&caf=1&toggle=answercheck&answer=yes&uid=MTcxNDA4MzMzMC4yNjM1OjhjZWEwZDhjOGU5YWFhNmFkYWQyZDNhNDVlMzJjYWVmN2JmNmFmOTBkYmM2NWNlNGFiYTgyODhkYTQzY2I3ZGI6NjYyYWQ2MDI0MDU2Yg%3D%3D HTTP/1.1
Host: yansex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 22:15:31 GMT
server: Caddy, nginx
vary: Accept-Encoding
x-custom-track: answercheck
x-forwarded-host: yansex.net
x-ssl-c: v1
x-ssl-proxy: v2
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

142.250.74.164

200 OK

190 kB

URL GET HTTP/2
www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://yansex.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
JavaScript source, ASCII text, with very long lines (2247)
Size
190 kB (190510 bytes)
Hash
897277c2483f5e2098436b44787fbd62
903f66035a40f652f160272214c7ddf40ae12b2a
75c094124cda3ce0beba1b35bd4bea5a85495d53a871c66f55fbb8b027a63996

HTTP Headers

GET /adsense/domains/caf.js?abp=1&adsdeli=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 25 Apr 2024 22:15:30 GMT
expires: Thu, 25 Apr 2024 22:15:30 GMT
cache-control: private, max-age=3600
etag: "7572795066147886669"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

yansex.net/favicon.ico

185.53.177.50

200 OK

0 B

URL GET HTTP/2
yansex.net/favicon.ico
IP
185.53.177.50:443
ASN
#61969 Team Internet AG

Requested by
https://yansex.net/
Certificate
IssuerLet's Encrypt
Subjectyansex.net
Fingerprint0E:56:EB:45:44:AB:B5:C0:E2:0D:16:6F:70:8F:B6:10:BE:39:0F:AF
ValidityTue, 05 Mar 2024 08:49:26 GMT - Mon, 03 Jun 2024 08:49:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: yansex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yansex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":8443"; ma=2592000
content-type: image/x-icon
date: Thu, 25 Apr 2024 22:15:30 GMT
etag: "66262f9a-0"
last-modified: Mon, 22 Apr 2024 09:36:26 GMT
server: Caddy, nginx
x-forwarded-host: yansex.net
x-ssl-c: v1
x-ssl-proxy: v2
content-length: 0
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/adsense/domains/caf.js

216.58.211.14

200 OK

190 kB

URL GET HTTP/3
www.adsensecustomsearchads.com/adsense/domains/caf.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Fyansex.net%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NjJhZDYwMjQwNTMwfHx8MTcxNDA4MzMzMC4yNzQ5fGJlZDhlMzA2MmIxYmRkMjBiZjlkN2IzMjdjMGVmMTA1ZGU3ZmI1MDR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxmYjIxMjNiY2M2ZjA0ZjBjZGE2YWZjNzNjNDBhYjYwN2JiMzBiZjA1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2581136258048968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=661714083330786&num=0&output=afd_ads&domain_name=yansex.net&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1714083330787&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fyansex.net%2F
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99
ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (2247)
Size
190 kB (190517 bytes)
Hash
7e32a8295164af82782088e06187ca26
6cae04ee783892e8ae1844506d9ee2b3dcc4ffa7
decd6ea4efaa872dc1edcdd29a07207efb282c79b903a885f5f3efcd64b526c1

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 25 Apr 2024 22:15:31 GMT
expires: Thu, 25 Apr 2024 22:15:31 GMT
cache-control: private, max-age=3600
etag: "16105270348029751202"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML