Report - gahyqah.com/login.php-~L

Report Overview

Submitted URL
gahyqah.com/login.php-~L
IP
162.255.119.102
ASN
#22612 NAMECHEAP-NET
Submitted
2024-04-16 20:23:27
Access
public
Website Title
gahyqah.com - gahyqah Ressurser og informasjon
Final URL
www.gahyqah.com/login.php-~L
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2024-04-16	995 B	2.1 kB	142.250.74.97
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	413 B	192 kB	142.250.74.164
gahyqah.com	unknown	2019-10-03	2013-01-30	2024-04-15	394 B	307 B	162.255.119.102
img.sedoparking.com	54200	2001-09-18	2013-04-23	2024-04-15	1.3 kB	50 kB	205.234.175.175
www.gahyqah.com	unknown	2019-10-03	2018-06-21	2024-04-15	1.1 kB	8.6 kB	91.195.240.19
www.adsensecustomsearchads.com	unknown	2011-01-28	2015-09-02	2024-04-16	5.2 kB	84 kB	216.58.211.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	gahyqah.com	Sinkholed
2024-04-16	medium	gahyqah.com	Sinkholed
2024-04-16	medium	gahyqah.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.adsensecustomsearchads.com/afs/ads/i/iframe.html	1.3 kB	2023-04-05	2024-04-29
Pretty URL www.adsensecustomsearchads.com/afs/ads/i/iframe.html IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:36:39 Last Seen2024-04-29 20:54:31 Times Seen22753 Hash 33839cb72649c81ab58b763c95b4a163 0c9b62881e660fded013cee58439ae287690065a cdded269406c9b2b49a3066d12e75913abf338cdd7fa00e31fff299efef1cb76 Loading...

	www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L	905 B	2024-04-16	2024-04-16
Pretty URL www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 22:23:28 Last Seen2024-04-16 22:23:28 Times Seen1 Hash 6816328174e20040b4cf4acd272f1027 10142cd1ab5e1c5d3d6dbe3f2cecdb5b0cc46ada c78e129edfe1630f4265fc62766d02a6073d195dc66164742c7f4fe41f32d2f2 Loading...

	www.adsensecustomsearchads.com/adsense/domains/caf.js	191 kB	2024-04-15	2024-04-17
Pretty URL www.adsensecustomsearchads.com/adsense/domains/caf.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 23:06:22 Last Seen2024-04-17 12:43:39 Times Seen10 Hash d1e6fdd7f5fb16747cbd48714a18187b 2e9fab5053777ed6bca5f3fa8248894a424a6a32 d51c4c571e293112507e321997b5557809d8f59c36b773ace4bbf80b70b5c35c Loading...

	www.gahyqah.com/login.php-~L	2.9 kB	2024-04-16	2024-04-16
Pretty URL www.gahyqah.com/login.php-~L IP 91.195.240.19 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 22:23:28 Last Seen2024-04-16 22:23:28 Times Seen1 Hash af1ddd923d631591529a923eca1c35cd 366e643ea467d71d3a23eaa96dd2966656092d80 78cf10bb98d97f062bb32ba0541468ed7561a467dee91d25b6aca5f0ab39cf06 Loading...

	www.google.com/adsense/domains/caf.js	191 kB	2024-04-15	2024-04-18
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 21:36:05 Last Seen2024-04-18 15:19:22 Times Seen53 Hash c990091375893edb85ded051e06583f2 82fd16ab35b63d29af901b93a4d923b62934d3cd f13024dfb05dccf8e4bfaf8be6198146ce5e0e862ed5eeadaeca3ca938baf810 Loading...

	www.gahyqah.com/login.php-~L	622 B	2023-03-07	2024-04-29
Pretty URL www.gahyqah.com/login.php-~L IP 91.195.240.19 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:15 Last Seen2024-04-29 20:54:31 Times Seen7402 Hash a250fbc5a068488660893f64bcbd3883 a1b5f3c0b8e3d1d4b24c80a2b0ec26e1bfdb710b c23bcb1a9582fa5e6a7640914593be32834a9f9c9996d30c430906c46a448b49 Loading...

	www.gahyqah.com/login.php-~L	5.5 kB	2024-01-10	2024-04-29
Pretty URL www.gahyqah.com/login.php-~L IP 91.195.240.19 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-10 16:33:42 Last Seen2024-04-29 20:54:31 Times Seen6530 Hash 8dea1c8dd04f9474489541bca012175b ada487edd0cde69a3b8dc8fc0d15a393ac865e65 f1b4243e2948e50bd1024644673f303d9e5a14873f86ae05fd3e27b55009ddb1 Loading...

HTTP Transactions (16)

URL IP Response Size

gahyqah.com/login.php-~L

162.255.119.102

58 B

URL User Request GET
gahyqah.com/login.php-~L
IP
162.255.119.102:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text
Size
58 B (58 bytes)
Hash
bbf56d1304cf0801831bc89379498e6b
3d2d3f2c05b024a16f566dd5a3a0617d26ada587
f5bba6b6c497bfd23cdd26fff02e9c068cab21fa3f63dbfce499f5e8209dedb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login.php-~L HTTP/1.1
Host: gahyqah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 16 Apr 2024 20:23:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 58
Connection: keep-alive
Location: http://www.gahyqah.com/login.php-~L
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx

img.sedoparking.com/templates/images/hero_nc.svg

205.234.175.175

200 OK

20 kB

URL GET HTTP/2
img.sedoparking.com/templates/images/hero_nc.svg
IP
205.234.175.175:443
ASN
#30081 CACHENETWORKS

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGlobalSign nv-sa
Subject*.cachefly.net
Fingerprint0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71
ValidityMon, 13 Nov 2023 19:46:02 GMT - Sat, 14 Dec 2024 19:46:01 GMT

File type
SVG Scalable Vector Graphics image
Size
20 kB (20346 bytes)
Hash
5a2c392e7acdf6e9de6e00129500503c
c8d0f80381e4ce180b5eb3c4c98539907292a7bb
878da09a057ec8f1775cdc522e5f7ec44966df547a87a9c29826ba114833c24b

HTTP Headers

GET /templates/images/hero_nc.svg HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:23:03 GMT
content-type: image/svg+xml
content-length: 20346
access-control-allow-origin: *
x-cff: B
last-modified: Thu, 05 Oct 2023 09:16:15 GMT
vary: Accept-Encoding
x-cf3: H
cf4age: 18658
x-cf-tsc: 1711139347
cf4ttl: 31517342.000
content-encoding: gzip
x-cf2: H
server: CFS 1124
x-cf-reqid: 2ad8cc972b56496e15a7e211dce7214c
x-cf1: 11696:fB.arn1:nom:cacheN.arn1-01:H
accept-ranges: bytes
X-Firefox-Spdy: h2

img.sedoparking.com/templates/bg/arrows-curved.png

205.234.175.175

200 OK

14 kB

URL GET HTTP/2
img.sedoparking.com/templates/bg/arrows-curved.png
IP
205.234.175.175:443
ASN
#30081 CACHENETWORKS

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGlobalSign nv-sa
Subject*.cachefly.net
Fingerprint0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71
ValidityMon, 13 Nov 2023 19:46:02 GMT - Sat, 14 Dec 2024 19:46:01 GMT

File type
PNG image data, 413 x 594, 8-bit/color RGBA, non-interlaced
Size
14 kB (13502 bytes)
Hash
107694ee1e94990d97b7e58651ffd6a0
7dd9ae7badf78be01ea0623df1e90171348716ff
7aa2a3e9a9575a27f5593c3b0357423128c468a46ed20d284ce5a21555ee67bc

HTTP Headers

GET /templates/bg/arrows-curved.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:23:03 GMT
content-type: image/png
content-length: 13502
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 23 Apr 2024 20:23:03 GMT
x-cfhash: "107694ee1e94990d97b7e58651ffd6a0"
x-cff: B
last-modified: Tue, 12 Oct 2021 05:19:02 GMT
x-cf3: H
cf4age: 238283
x-cf-tsc: 1711139574
cf4ttl: 31297716.000
x-cf2: H
server: CFS 1124
x-cf-reqid: c42c6ce5ea108ab629304eb8cea932b5
x-cf1: 11696:fB.arn1:cf:cacheN.arn1-01:H
accept-ranges: bytes
X-Firefox-Spdy: h2

www.gahyqah.com/login.php-~L

91.195.240.19

200 OK

7.7 kB

URL User Request GET HTTP/2
www.gahyqah.com/login.php-~L
IP
91.195.240.19:443
ASN
#47846 SEDO GmbH

Certificate
IssuerDigiCert Inc
Subjectwww.gahyqah.com
Fingerprint8A:D6:92:94:41:E8:FD:F0:62:23:5E:D2:DA:E0:C3:7A:E3:ED:A8:40
ValidityFri, 29 Sep 2023 00:00:00 GMT - Sat, 28 Sep 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
7.7 kB (7728 bytes)
Hash
0e909202f16aeb6ed2185717a32c5f1d
6b10b38a3db8af7c0b6782e67757831bcd28d82f
a191aeb6698e816c913f994e9c42a0eed30f3ccb3860d78eb125a5e7f5c3b8dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login.php-~L HTTP/1.1
Host: www.gahyqah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 20:23:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 16 Apr 2024 20:23:03 GMT
pragma: no-cache
server: NginX
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_sDNAy9yly1I8ZuwH9wsG7vJucx0OpbDjp87vUSmeaMzUct2/GRBW1ypMSJBWVerLA5ck5kDuMafK5k3VDE0CmA==
x-cache-miss-from: parking-d5776bf9c-sqjzl
x-powered-by: PHP/8.1.17
X-Firefox-Spdy: h2

www.gahyqah.com/search/tsc.php?200=NTM1NzEyNzg2&21=OTEuOTAuNDIuMTU0&681=MTcxMzI5ODk4MzU2OGE5MDQ2M2ViNmEzNDk3MzkzZWJiYTVhZTgwZjQ1&crc=6f55aba2e4c1cf9bdf3895bbf9ff163c612f1d9f&cv=1

91.195.240.19

200 OK

0 B

URL GET HTTP/2
www.gahyqah.com/search/tsc.php?200=NTM1NzEyNzg2&21=OTEuOTAuNDIuMTU0&681=MTcxMzI5ODk4MzU2OGE5MDQ2M2ViNmEzNDk3MzkzZWJiYTVhZTgwZjQ1&crc=6f55aba2e4c1cf9bdf3895bbf9ff163c612f1d9f&cv=1
IP
91.195.240.19:443
ASN
#47846 SEDO GmbH

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerDigiCert Inc
Subjectwww.gahyqah.com
Fingerprint8A:D6:92:94:41:E8:FD:F0:62:23:5E:D2:DA:E0:C3:7A:E3:ED:A8:40
ValidityFri, 29 Sep 2023 00:00:00 GMT - Sat, 28 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /search/tsc.php?200=NTM1NzEyNzg2&21=OTEuOTAuNDIuMTU0&681=MTcxMzI5ODk4MzU2OGE5MDQ2M2ViNmEzNDk3MzkzZWJiYTVhZTgwZjQ1&crc=6f55aba2e4c1cf9bdf3895bbf9ff163c612f1d9f&cv=1 HTTP/1.1
Host: www.gahyqah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/login.php-~L
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 20:23:03 GMT
server: NginX
x-cache-miss-from: parking-d5776bf9c-f7nwd
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2

img.sedoparking.com/templates/logos/sedo_logo.png

205.234.175.175

200 OK

15 kB

URL GET HTTP/2
img.sedoparking.com/templates/logos/sedo_logo.png
IP
205.234.175.175:443
ASN
#30081 CACHENETWORKS

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGlobalSign nv-sa
Subject*.cachefly.net
Fingerprint0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71
ValidityMon, 13 Nov 2023 19:46:02 GMT - Sat, 14 Dec 2024 19:46:01 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15086 bytes)
Hash
def00c11b1596db4efee6a9fbe64fc27
bd298981e6d8d7e4ffa18abcf687041f4246672d
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4

HTTP Headers

GET /templates/logos/sedo_logo.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:23:03 GMT
content-type: image/png
content-length: 15086
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 23 Apr 2024 20:23:03 GMT
x-cfhash: "def00c11b1596db4efee6a9fbe64fc27"
x-cff: B
last-modified: Mon, 11 Jan 2021 07:44:34 GMT
x-cf3: H
cf4age: 741679
x-cf-tsc: 1711642967
cf4ttl: 30794320.000
x-cf2: H
server: CFS 1124
x-cf-reqid: cdc7a68db97262baec3d57e05f70afdd
x-cf1: 11696:fB.arn1:cf:cacheN.arn1-01:H
accept-ranges: bytes
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/afs/ads/i/iframe.html

216.58.211.14

200 OK

728 B

URL GET HTTP/2
www.adsensecustomsearchads.com/afs/ads/i/iframe.html
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE
ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT

File type
HTML document, ASCII text, with very long lines (1559)
Size
728 B (728 bytes)
Hash
f4d68f93e19f59ed7b160fd8603b2ba8
1dd3304a0c2e99a214630377c993d6002dcab10c
c1e4646f4414e04bd9ec6b19e8dbd6db777ad84e8db823c690e598cfd1fb6f1b

HTTP Headers

GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-ijaXNQwt1E1SRY5jJ5xk-w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 728
date: Tue, 16 Apr 2024 20:23:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 06:00:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L

216.58.211.14

200 OK

2.9 kB

URL GET HTTP/2
www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE
ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (13637)
Size
2.9 kB (2894 bytes)
Hash
df979fd653c8f5b9003aa9d165c55d98
32749b8ca59c90a4d341590583e73efacfb55fa9
a068f337dffde56715de57295d4a7ee853ac8c1c55a0a78ce4d1277f5768bb5a

HTTP Headers

GET /afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Tue, 16 Apr 2024 20:23:03 GMT
expires: Tue, 16 Apr 2024 20:23:03 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-YsnHnoUt4wRiuY2YtsAD9A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/adsense/domains/caf.js

216.58.211.14

200 OK

75 kB

URL GET HTTP/3
www.adsensecustomsearchads.com/adsense/domains/caf.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE
ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT

File type
gzip compressed data, max compression
Size
75 kB (74673 bytes)
Hash
42dd3077089e5c924894e61a2134181b
8e52760526dde28e44405b1eb765823e4f6493da
3b1ed91718427edee49682dec1617ee3673d729270adc321efc50efda1c18587

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 16 Apr 2024 20:23:04 GMT
expires: Tue, 16 Apr 2024 20:23:04 GMT
cache-control: private, max-age=3600
etag: "1384710628422246480"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.97

200 OK

174 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
SVG Scalable Vector Graphics image
Size
174 B (174 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:37:08 GMT
expires: Wed, 17 Apr 2024 08:37:08 GMT
cache-control: public, max-age=82800
age: 38756
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2

142.250.74.97

200 OK

272 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=3259787283&channel=exp-0051%2Cauxa-control-1%2C44786252&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fwww.gahyqah.com%2Fcaf%2F%3Fses%3DY3JlPTE3MTMyOTg5ODMmdGNpZD13d3cuZ2FoeXFhaC5jb202NjFlZGUyNzQ3MDhhMS42MzU3MDM3MCZ0YXNrPXNlYXJjaCZkb21haW49Z2FoeXFhaC5jb20mYV9pZD0zJnNlc3Npb249LWxCLVNzSmVqeWVrTkdrQ3NRLWs%3D&type=3&uiopt=false&swp=as-drid-2280784292183247&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301447%2C17301481&client_gdprApplies=1&format=r3%7Cs&nocache=501713298983740&num=0&output=afd_ads&domain_name=www.gahyqah.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1713298983747&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1146&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=623135625&rurl=https%3A%2F%2Fwww.gahyqah.com%2Flogin.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
SVG Scalable Vector Graphics image
Size
272 B (272 bytes)
Hash
a6ad6e65373db8c1b1f154c4c83f8ce5
84cc007d6d682c589e1e1f87482a5278830f3000
920a378947204498c122722933b3a4b67788a2b6fade8bd0d47cf830eeee0563

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:13:52 GMT
expires: Tue, 16 Apr 2024 22:13:52 GMT
cache-control: public, max-age=82800
age: 76152
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=k9pnjhy2fwya&aqid=J94eZp65O_mOxdwPzZig-Ag&pbt=bs&adbx=490&adby=986.0499877929688&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=5%7C0%7C568%7C72%7C39&lle=0&ifv=1&hpt=0

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=k9pnjhy2fwya&aqid=J94eZp65O_mOxdwPzZig-Ag&pbt=bs&adbx=490&adby=986.0499877929688&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=5%7C0%7C568%7C72%7C39&lle=0&ifv=1&hpt=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE
ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=k9pnjhy2fwya&aqid=J94eZp65O_mOxdwPzZig-Ag&pbt=bs&adbx=490&adby=986.0499877929688&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=5%7C0%7C568%7C72%7C39&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-A3AyaMqxC8BNO3X34STNMw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 16 Apr 2024 20:23:05 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=5whz7a4biwyd&aqid=J94eZp65O_mOxdwPzZig-Ag&psid=3259787283&pbt=bs&adbx=392&adby=413.04998779296875&adbh=553&adbw=496&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=14%7C0%7C559%7C72%7C39&lle=0&ifv=1&hpt=0

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=5whz7a4biwyd&aqid=J94eZp65O_mOxdwPzZig-Ag&psid=3259787283&pbt=bs&adbx=392&adby=413.04998779296875&adbh=553&adbw=496&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=14%7C0%7C559%7C72%7C39&lle=0&ifv=1&hpt=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE
ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=5whz7a4biwyd&aqid=J94eZp65O_mOxdwPzZig-Ag&psid=3259787283&pbt=bs&adbx=392&adby=413.04998779296875&adbh=553&adbw=496&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=14%7C0%7C559%7C72%7C39&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-4AyJ8mfK1-BOSLv1wmRkxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 16 Apr 2024 20:23:05 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=p5dtqyncdaqk&aqid=J94eZp65O_mOxdwPzZig-Ag&psid=3259787283&pbt=bv&adbx=392&adby=413.04998779296875&adbh=553&adbw=496&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=14%7C0%7C559%7C72%7C39&lle=0&ifv=1&hpt=0

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=p5dtqyncdaqk&aqid=J94eZp65O_mOxdwPzZig-Ag&psid=3259787283&pbt=bv&adbx=392&adby=413.04998779296875&adbh=553&adbw=496&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=14%7C0%7C559%7C72%7C39&lle=0&ifv=1&hpt=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE
ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=p5dtqyncdaqk&aqid=J94eZp65O_mOxdwPzZig-Ag&psid=3259787283&pbt=bv&adbx=392&adby=413.04998779296875&adbh=553&adbw=496&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=14%7C0%7C559%7C72%7C39&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-CAuh61JBL0M8Z-nOBInKSg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 16 Apr 2024 20:23:06 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=p6e986vg3yoo&aqid=J94eZp65O_mOxdwPzZig-Ag&pbt=bv&adbx=490&adby=986.0499877929688&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=5%7C0%7C568%7C72%7C39&lle=0&ifv=1&hpt=0

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=p6e986vg3yoo&aqid=J94eZp65O_mOxdwPzZig-Ag&pbt=bv&adbx=490&adby=986.0499877929688&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=5%7C0%7C568%7C72%7C39&lle=0&ifv=1&hpt=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintF3:76:52:2E:82:03:17:59:3A:0C:25:75:49:66:99:4F:AB:15:33:CE
ValidityMon, 04 Mar 2024 06:40:54 GMT - Mon, 27 May 2024 06:40:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=p6e986vg3yoo&aqid=J94eZp65O_mOxdwPzZig-Ag&pbt=bv&adbx=490&adby=986.0499877929688&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=623135625&csala=5%7C0%7C568%7C72%7C39&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ykD0KtUk771a8vwk0YbUKA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Tue, 16 Apr 2024 20:23:06 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

191 kB

URL GET HTTP/2
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.gahyqah.com/login.php-~L
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06
ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT

File type
JavaScript source, ASCII text, with very long lines (2247)
Size
191 kB (191015 bytes)
Hash
c990091375893edb85ded051e06583f2
82fd16ab35b63d29af901b93a4d923b62934d3cd
f13024dfb05dccf8e4bfaf8be6198146ce5e0e862ed5eeadaeca3ca938baf810

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gahyqah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 16 Apr 2024 20:23:03 GMT
expires: Tue, 16 Apr 2024 20:23:03 GMT
cache-control: private, max-age=3600
etag: "18075907918550314966"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL User Request GET

IP

ASN

File type