ww16.irisiln.ga/
7.0 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10263)
Hash ed8588754336535df7aa973613c57fda
4227db1c25f250d1bf816407eed8f8de4d96bfcc
80d5297466d83c6816c38fe8bb3440b8900c7b21db2ec42b36f66a80ebf70150
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET / HTTP/1.1
Host: ww16.irisiln.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 15 Nov 2023 14:03:01 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_v+lpAdWluv1SzZvKWheWLgNktqWWhvEm3U7wB0KFCXBEC+2/xbBETt8eUlQKaX4uUGImqgsL38p8Nr9RGidrbA==
last-modified: Wed, 15 Nov 2023 14:03:01 GMT
x-cache-miss-from: parking-698fb476bf-xftqn
server: NginX
content-encoding: gzip
img.sedoparking.com/templates/bg/multi-arrows.png
200 OK 2.5 kB URL GET HTTP/1.1 img.sedoparking.com/templates/bg/multi-arrows.png
IP
Requested by http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
File type PNG image data, 150 x 699, 8-bit colormap, non-interlaced\012- data
Hash 53f75042704429bbc0e7b7f6e85bcb1d
f5f38bd2b62556831782ee4c28456c33323926ce
bdb38096f60e6d8afd62265287852a6c82a818ec048e0288a88f2b96b4b8f475
GET /templates/bg/multi-arrows.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww16.irisiln.ga/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 15 Nov 2023 14:03:02 GMT
Content-Type: image/png
Content-Length: 2531
Connection: keep-alive
Access-Control-Allow-Origin: *
X-CFF: B
Last-Modified: Mon, 19 Dec 2022 10:23:48 GMT
X-CF3: H
CF4Age: 0
x-cf-tsc: 1700056323
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: a2c18d6efc28cee130cfa8f825ee40ef
X-CF1: 11696:fA.arn1:nom:cacheN.arn1-01:H
Accept-Ranges: bytes
ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
200 OK 7.1 kB URL User Request GET HTTP/1.1 ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10618)
Hash e3ad2adc0937238d19875d88f39d4516
e3437809a91ba595ebc1b9e1a731009151dbb6c4
da83c24f3218d0c47ccb02a8b4fd046313f30b877cdf75fccdd143eb023d4524
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /?sub1=20231116-0101-5443-8a09-cb03aeab5167 HTTP/1.1
Host: ww16.irisiln.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 15 Nov 2023 14:03:02 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_KRIw0wiTarnudUlu1I/s0MCkwEPdXWFLcmA1akOomsdZx2EUAOBcqvyjEYlFplOlG+PkqZyjhr8mB0hu4aNSMw==
last-modified: Wed, 15 Nov 2023 14:03:01 GMT
x-cache-miss-from: parking-698fb476bf-mbx66
server: NginX
content-encoding: gzip
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js
IP
Requested by http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
File type ASCII text, with very long lines (1888)
Hash 0808101bcc6e1191c5b6073e31bcb441
325317ef7ae2592656dcabfb8462b40f3e3ebc08
39359651a0d752d1e777094fd9deed5e4c5993ff6b2aebfd855761f41369b13e
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww16.irisiln.ga/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Wed, 15 Nov 2023 14:03:02 GMT
Expires: Wed, 15 Nov 2023 14:03:02 GMT
Cache-Control: private, max-age=3600
ETag: "12169742205723775177"
X-Content-Type-Options: nosniff
Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
ww16.irisiln.ga/search/tsc.php?200=NTQxMzk0Mzgz&21=OTEuOTAuNDIuMTU0&681=MTcwMDA1Njk4MmM1YjkwMGQ0ZDg0ZjdmMzc0OGM3NzhiMjk3OGNkNTkz&crc=3608cfdbefe70f228bb84d111b35857674c1992f&cv=1
200 OK 0 B URL GET HTTP/1.1 ww16.irisiln.ga/search/tsc.php?200=NTQxMzk0Mzgz&21=OTEuOTAuNDIuMTU0&681=MTcwMDA1Njk4MmM1YjkwMGQ0ZDg0ZjdmMzc0OGM3NzhiMjk3OGNkNTkz&crc=3608cfdbefe70f228bb84d111b35857674c1992f&cv=1
IP
Requested by http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /search/tsc.php?200=NTQxMzk0Mzgz&21=OTEuOTAuNDIuMTU0&681=MTcwMDA1Njk4MmM1YjkwMGQ0ZDg0ZjdmMzc0OGM3NzhiMjk3OGNkNTkz&crc=3608cfdbefe70f228bb84d111b35857674c1992f&cv=1 HTTP/1.1
Host: ww16.irisiln.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 15 Nov 2023 14:03:02 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.17
x-cache-miss-from: parking-698fb476bf-xqxcz
server: NginX
img.sedoparking.com/templates/logos/sedo_logo.png
200 OK 15 kB URL GET HTTP/1.1 img.sedoparking.com/templates/logos/sedo_logo.png
IP
Requested by http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash def00c11b1596db4efee6a9fbe64fc27
bd298981e6d8d7e4ffa18abcf687041f4246672d
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
GET /templates/logos/sedo_logo.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww16.irisiln.ga/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 15 Nov 2023 14:03:02 GMT
Content-Type: image/png
Content-Length: 15086
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 22 Nov 2023 14:03:02 GMT
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
X-CFF: B
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
X-CF3: H
CF4Age: 0
x-cf-tsc: 1700056313
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: fb96d973f3cdc35647994d5d5265b51a
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
www.adsensecustomsearchads.com/afs/ads/i/iframe.html
200 OK 727 B URL GET HTTP/2 www.adsensecustomsearchads.com/afs/ads/i/iframe.html
IP
Requested by http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
Fingerprint5E:E9:56:77:00:6B:F7:41:C9:A9:BA:29:99:1A:B9:B6:0B:69:F0:FE
ValidityMon, 16 Oct 2023 08:04:08 GMT - Mon, 08 Jan 2024 08:04:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Hash a1776913a810d81ad79ddd8a7680518b
c7f20202360ad4b3fa9484e71d29f44715e077dd
5e172622293dc138801e8e41996f143ef284863856e729722d4c678170c00b47
GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww16.irisiln.ga/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-wrwrxJ5D1v0E-hpnYiibUg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 727
date: Wed, 15 Nov 2023 14:03:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 14 Nov 2023 07:00:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=7154764821&channel=exp-0057%2Cexp-0051%2Cauxa-control-1%2C445328&client=dp-sedo92_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.irisiln.ga%2Fcaf%2F%3Fses%3DY3JlPTE3MDAwNTY5ODImdGNpZD13dzE2LmlyaXNpbG4uZ2E2NTU0Y2Y5NjA4ZjljOS4xNDU0ODE4MCZ0YXNrPXNlYXJjaCZkb21haW49aXJpc2lsbi5nYSZhX2lkPTMmc2Vzc2lvbj1NdEF0M19hckpuQS1SRW82cGtRNg%3D%3D&type=3&uiopt=false&swp=as-drid-2777688820344496&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r6%7Cs&nocache=4541700056982834&num=0&output=afd_ads&domain_name=ww16.irisiln.ga&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1700056982842&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1424&frm=0&cl=579967862&uio=--&cont=rb-default&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww16.irisiln.ga%2F%3Fsub1%3D20231116-0101-5443-8a09-cb03aeab5167
200 OK 587 B URL GET HTTP/2 www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=7154764821&channel=exp-0057%2Cexp-0051%2Cauxa-control-1%2C445328&client=dp-sedo92_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.irisiln.ga%2Fcaf%2F%3Fses%3DY3JlPTE3MDAwNTY5ODImdGNpZD13dzE2LmlyaXNpbG4uZ2E2NTU0Y2Y5NjA4ZjljOS4xNDU0ODE4MCZ0YXNrPXNlYXJjaCZkb21haW49aXJpc2lsbi5nYSZhX2lkPTMmc2Vzc2lvbj1NdEF0M19hckpuQS1SRW82cGtRNg%3D%3D&type=3&uiopt=false&swp=as-drid-2777688820344496&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r6%7Cs&nocache=4541700056982834&num=0&output=afd_ads&domain_name=ww16.irisiln.ga&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1700056982842&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1424&frm=0&cl=579967862&uio=--&cont=rb-default&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww16.irisiln.ga%2F%3Fsub1%3D20231116-0101-5443-8a09-cb03aeab5167
IP
Requested by http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
Fingerprint5E:E9:56:77:00:6B:F7:41:C9:A9:BA:29:99:1A:B9:B6:0B:69:F0:FE
ValidityMon, 16 Oct 2023 08:04:08 GMT - Mon, 08 Jan 2024 08:04:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (634)
Hash 91875c0cae7d340237608759100d018f
71e16038db5f7dea0fe1214972f4ef8753bfe5a0
bc2ef44ec92debf7c0c6cd04ebf9c700c4ff03eacf8bb1d408f0a03ae0519d91
GET /afs/ads?adsafe=low&adtest=off&psid=7154764821&channel=exp-0057%2Cexp-0051%2Cauxa-control-1%2C445328&client=dp-sedo92_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.irisiln.ga%2Fcaf%2F%3Fses%3DY3JlPTE3MDAwNTY5ODImdGNpZD13dzE2LmlyaXNpbG4uZ2E2NTU0Y2Y5NjA4ZjljOS4xNDU0ODE4MCZ0YXNrPXNlYXJjaCZkb21haW49aXJpc2lsbi5nYSZhX2lkPTMmc2Vzc2lvbj1NdEF0M19hckpuQS1SRW82cGtRNg%3D%3D&type=3&uiopt=false&swp=as-drid-2777688820344496&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r6%7Cs&nocache=4541700056982834&num=0&output=afd_ads&domain_name=ww16.irisiln.ga&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1700056982842&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1424&frm=0&cl=579967862&uio=--&cont=rb-default&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww16.irisiln.ga%2F%3Fsub1%3D20231116-0101-5443-8a09-cb03aeab5167 HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww16.irisiln.ga/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Wed, 15 Nov 2023 14:03:02 GMT
expires: Wed, 15 Nov 2023 14:03:02 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-VF36_1pyTEcQWiyqJBdO5g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 587
x-xss-protection: 0
set-cookie: CONSENT=PENDING+483; expires=Fri, 14-Nov-2025 14:03:02 GMT; path=/; domain=.adsensecustomsearchads.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ww16.irisiln.ga/search/fb.php?ses=6e6d4b30a54f20c901700056982e9d3a52b63789e4&ec=23
403 Forbidden 82 B URL GET HTTP/1.1 ww16.irisiln.ga/search/fb.php?ses=6e6d4b30a54f20c901700056982e9d3a52b63789e4&ec=23
IP
Requested by http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
File type exported SGML document, ASCII text
Hash b8c4d1fac45db0a65d6b29a24cd03b98
cbfef348d832c6f9314bcf2d769134de3f780bdf
6b83ac6820cafb971566055f48729373b4be5a9743eb6bbc12b40fc568d2f9c3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /search/fb.php?ses=6e6d4b30a54f20c901700056982e9d3a52b63789e4&ec=23 HTTP/1.1
Host: ww16.irisiln.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww16.irisiln.ga/?sub1=20231116-0101-5443-8a09-cb03aeab5167
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
date: Wed, 15 Nov 2023 14:03:03 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
x-cache-miss-from: parking-698fb476bf-lvhcl
server: NginX
content-encoding: gzip
www.adsensecustomsearchads.com/adsense/domains/caf.js
200 OK 150 kB URL GET HTTP/3 www.adsensecustomsearchads.com/adsense/domains/caf.js
IP
Requested by https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=7154764821&channel=exp-0057%2Cexp-0051%2Cauxa-control-1%2C445328&client=dp-sedo92_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww16.irisiln.ga%2Fcaf%2F%3Fses%3DY3JlPTE3MDAwNTY5ODImdGNpZD13dzE2LmlyaXNpbG4uZ2E2NTU0Y2Y5NjA4ZjljOS4xNDU0ODE4MCZ0YXNrPXNlYXJjaCZkb21haW49aXJpc2lsbi5nYSZhX2lkPTMmc2Vzc2lvbj1NdEF0M19hckpuQS1SRW82cGtRNg%3D%3D&type=3&uiopt=false&swp=as-drid-2777688820344496&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r6%7Cs&nocache=4541700056982834&num=0&output=afd_ads&domain_name=ww16.irisiln.ga&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1700056982842&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1424&frm=0&cl=579967862&uio=--&cont=rb-default&jsid=caf&jsv=579967862&rurl=http%3A%2F%2Fww16.irisiln.ga%2F%3Fsub1%3D20231116-0101-5443-8a09-cb03aeab5167
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
Fingerprint5E:E9:56:77:00:6B:F7:41:C9:A9:BA:29:99:1A:B9:B6:0B:69:F0:FE
ValidityMon, 16 Oct 2023 08:04:08 GMT - Mon, 08 Jan 2024 08:04:07 GMT
File type ASCII text, with very long lines (1888)
Size 150 kB (149649 bytes)
Hash 295c98d1ef062dc83574af065c768d68
8db1bf9d4d203fda081389f9099fae82fce9995a
0dcbe293f090c78fd766dca3b924bd45bb58ede279aab98705b8e57b6b189c8f
GET /adsense/domains/caf.js HTTP/1.1
Host: www.adsensecustomsearchads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adsensecustomsearchads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 15 Nov 2023 14:03:03 GMT
expires: Wed, 15 Nov 2023 14:03:03 GMT
cache-control: private, max-age=3600
etag: "17662540289770248759"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
64.190.63.136
205.234.175.175