Report - qetyvep.com/YanWZ/login.php/

Report Overview

Submitted URL
qetyvep.com/YanWZ/login.php/
IP
72.14.185.43
ASN
#63949 Linode, LLC
Submitted
2023-06-06 02:30:43
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
qetyvep.com	unknown	2022-06-10	2012-12-01	2023-06-06	2.4 kB	1.9 kB	45.33.30.197
www1.qetyvep.com	unknown	2022-06-10	2023-04-26	2023-06-05	2.3 kB	8.0 kB	13.248.148.254
www.google.com	7	1997-09-15	2015-05-10	2023-06-05	3.7 kB	116 kB	216.58.207.228
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22	2023-06-05	398 B	12 kB	54.230.245.8
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-05	1.7 kB	3.5 kB	142.250.74.131
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2023-06-05	969 B	2.2 kB	142.250.74.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com
2023-06-06	medium	qetyvep.com

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	968 B	2023-03-08	2024-04-19
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24:08 Last Seen2024-04-19 15:56:40 Times Seen27678 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	703 B	2023-06-06	2023-06-06
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-06 04:30:44 Last Seen2023-06-06 04:30:44 Times Seen1 Hash 7977ddb3c6a99bb9cdd477d8879d1d78 bb8979b912ea351675b08518383cea1bd5f71555 4090dd3c76104aaa131122c0d64e4518003f3a12492b070b9b51bd4d72498fa7 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	246 B	2023-06-06	2023-06-06
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-06 04:30:44 Last Seen2023-06-06 04:30:44 Times Seen1 Hash aa65b2c79b5e67fa9651821f8b515326 84f987817983e5ec07c0be9861c9224f2395f1e0 6499f85da76793931c2e963c50d6ebc10bc068f85237916c644dd638cc47d622 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	7.0 kB	2023-03-13	2024-01-03
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:10:31 Last Seen2024-01-03 14:22:39 Times Seen25920 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	1.2 kB	2023-06-06	2023-06-06
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-06 04:30:44 Last Seen2023-06-06 04:30:44 Times Seen1 Hash 7ed41b74846bd6aabe48523aa1496aca 4de15e00d356f2e4b137e7e5849cb717bc6f0265 5bff9ddded40d507b9ac989805f3ee73b3139c72c0938ac602f956779d07e99c Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	20 B	2023-03-12	2024-01-03
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 13:00:05 Last Seen2024-01-03 14:22:39 Times Seen13851 Hash bb9472ed191ad69435d630c50e139a17 4efa10c70dbfe37ec4c8bb5a04b907c549de7e3d eec645c8d410f4d6accc5c4c3326bbff80fdd9d105e423ad50c5c87b22845492 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	65 B	2023-04-26	2023-06-14
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-26 08:12:50 Last Seen2023-06-14 17:03:12 Times Seen3080 Hash 88509ad33225897bf131e892ee5c9f35 0f2aa7edc79aad77334a6d25e193d9d63f546bec c74f823d97f995f1209cb84aeed9653cca3b2f90c308d9dff3e135250c6c8974 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	472 B	2023-03-13	2024-01-03
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:13:46 Last Seen2024-01-03 14:22:39 Times Seen25251 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	669 B	2023-06-06	2023-06-06
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-06 04:30:44 Last Seen2023-06-06 04:30:44 Times Seen1 Hash a62948b84e10b215c44a555350365e9f e50cdc1d56f7f59096794d26bb9c070238a9c1a4 4e5a66dc3ce6b51a7a8bb2dab859a24cf5f5fe08ac411079e722e926145f117c Loading...

	www.google.com/adsense/domains/caf.js?abp=1	148 kB	2023-06-01	2023-06-07
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 21:04:47 Last Seen2023-06-07 14:52:15 Times Seen595 Hash 4572aa32939156690f34b65b7c2b6c1c 262b13f69e548577f25a62256a541f6780235e49 6250014665f82b65e29a3ce71e8f7564155b83ed4ade3ef805eb9594316794d1 Loading...

	www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530	7.1 kB	2023-06-06	2023-06-06
Pretty URL www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-06 04:30:44 Last Seen2023-06-06 04:30:44 Times Seen1 Hash 9abfd7bcebec7ce8adbd3d60657a6c05 4de064dbf7b5d0e66ef1f4c32fb5b05136938e86 e2e92a9097faaf4c2264c96231698ea58302d0435dceed767329769f21a681ab Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-06-02	2023-06-07
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 04:35:41 Last Seen2023-06-07 12:24:14 Times Seen13 Hash e0c00bbe30bfaf63859d2441e1f03b30 e20811820910aeac6d02dee1f123c85297441208 5bd94ae205f0a3848e3c5a12e595c68b3e4cac8e381d8daec18e4ffdc957ba54 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	40 B	2023-04-18	2023-06-27
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 09:10:37 Last Seen2023-06-27 14:44:07 Times Seen10821 Hash bcdb5f35f5da29644017c63a72a72921 5bd1c81154b546c01c88b02fdb29b687f0c9cef3 a71d2bc0274b66fc2cb2c8daf1bf8b8a6a4cbfd5bd1e30574e9abb61aa9c3983 Loading...

	www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000	71 B	2023-03-08	2024-01-04
Pretty URL www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

HTTP Transactions (22)

URL IP Response Size

qetyvep.com/YanWZ/login.php/

45.33.30.197

0 B

URL
qetyvep.com/YanWZ/login.php/
IP
45.33.30.197:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /YanWZ/login.php/ HTTP/1.1
Host: qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
content-length: 0
location: http://qetyvep.com/YanWZ/login.php/
cache-control: no-cache
set-cookie: mtmssl=1; path=/;

qetyvep.com/YanWZ/login.php/

45.79.19.196

561 B

URL
qetyvep.com/YanWZ/login.php/
IP
45.79.19.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (333)
Size
561 B (561 bytes)
Hash
380f804a328f10982923767f1340ea75
1e5a36b4c5c3490467a0c7911c534bad6d641cd8
dbdf97e46214696e2afa2d158739025eadc3e14a2db6dda43592036ef3b19f08

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /YanWZ/login.php/ HTTP/1.1
Host: qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: mtmssl=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 06 Jun 2023 02:30:26 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close

qetyvep.com/YanWZ/login.php?gp=1&js=1&uuid=1686018626.0088699518&other_args=eyJ1cmkiOiAiL1lhbldaL2xvZ2luLnBocCIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9

45.33.30.197

302 Found

0 B

URL User Request GET HTTP/1.1
qetyvep.com/YanWZ/login.php?gp=1&js=1&uuid=1686018626.0088699518&other_args=eyJ1cmkiOiAiL1lhbldaL2xvZ2luLnBocCIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
IP
45.33.30.197:80
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /YanWZ/login.php?gp=1&js=1&uuid=1686018626.0088699518&other_args=eyJ1cmkiOiAiL1lhbldaL2xvZ2luLnBocCIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://qetyvep.com/YanWZ/login.php/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: mtmssl=1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
content-length: 0
location: http://qetyvep.com/YanWZ/login.php?gp=1&js=1&uuid=1686018626.0088699518&other_args=eyJ1cmkiOiAiL1lhbldaL2xvZ2luLnBocCIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
cache-control: no-cache
set-cookie: mtmssl=1; path=/;

45.33.2.79

302 Found

0 B

URL User Request GET HTTP/1.1
qetyvep.com/YanWZ/login.php?gp=1&js=1&uuid=1686018626.0088699518&other_args=eyJ1cmkiOiAiL1lhbldaL2xvZ2luLnBocCIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
IP
45.33.2.79:80
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /YanWZ/login.php?gp=1&js=1&uuid=1686018626.0088699518&other_args=eyJ1cmkiOiAiL1lhbldaL2xvZ2luLnBocCIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://qetyvep.com/
DNT: 1
Connection: keep-alive
Cookie: mtmssl=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Tue, 06 Jun 2023 02:30:27 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
referrer-policy: no-referrer
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJxZXR5dmVwLmNvbSIsImh0dHA6Ly93d3cxLnFldHl2ZXAuY29tLz90bT0xJnN1YmlkND0xNjg2MDE4NjIwLjAxNTE0OTAwMDAiLDEsIjIwMjMtMDYtMDYgMDI6MzA6MjAiLDIsIjE2ODYwMTg2MjAuMDE1MTQ5ODE3OCIsNTUyLG51bGwsbnVsbF0:1q6MSp:Ti2y_VcOio9UByo6g9gawX6s_JU; expires=Tue, 06-Jun-2023 03:30:27 GMT; Max-Age=3600; Path=/
connection: close

www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000

13.248.148.254

200 OK

5.5 kB

URL User Request GET HTTP/1.1
www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
IP
13.248.148.254:80
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1264)
Size
5.5 kB (5531 bytes)
Hash
cdd3e1d82d0fdd3bacb257614a45840c
d51d861ef75d061a740d7d788ccdecf1a1c462b0
b53ab5767edb10084705b3dcbbbecd9734dbb036595a7040cc3decf89adbef1e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /?tm=1&subid4=1686018620.0151490000 HTTP/1.1
Host: www1.qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Jun 2023 02:30:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_cSkyAhu7YvfxboAiGaLBB/3Nh7ouJH3qSXGQMOPeox/8/5v7uWkVxfXaqV0vZ8tZNpcuScNV9GfWqZ+f2TeZZQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: qetyvep.com
X-Subdomain: www1
Content-Encoding: gzip

www.google.com/adsense/domains/caf.js?abp=1

216.58.207.228

200 OK

54 kB

URL GET HTTP/1.1
www.google.com/adsense/domains/caf.js?abp=1
IP
216.58.207.228:80
ASN
#15169 GOOGLE

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000

File type
ASCII text, with very long lines (2125)
Size
54 kB (53981 bytes)
Hash
4572aa32939156690f34b65b7c2b6c1c
262b13f69e548577f25a62256a541f6780235e49
6250014665f82b65e29a3ce71e8f7564155b83ed4ade3ef805eb9594316794d1

HTTP Headers

GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Tue, 06 Jun 2023 02:30:27 GMT
Expires: Tue, 06 Jun 2023 02:30:27 GMT
Cache-Control: private, max-age=3600
ETag: "14519354767292458831"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

www1.qetyvep.com/track.php?domain=qetyvep.com&toggle=browserjs&uid=MTY4NjAxODYyNy41NDE0OmY5OGE3YTZlOTIyN2EyZWJkNTE3YjNmYjMzYTIzZmViMzQwMjBmYTE4ZWY0YmUzNGZjNjg4MzVjMTcxOWVjY2M6NjQ3ZTlhNDM4NDJmMg%3D%3D

13.248.148.254

200 OK

20 B

URL GET HTTP/1.1
www1.qetyvep.com/track.php?domain=qetyvep.com&toggle=browserjs&uid=MTY4NjAxODYyNy41NDE0OmY5OGE3YTZlOTIyN2EyZWJkNTE3YjNmYjMzYTIzZmViMzQwMjBmYTE4ZWY0YmUzNGZjNjg4MzVjMTcxOWVjY2M6NjQ3ZTlhNDM4NDJmMg%3D%3D
IP
13.248.148.254:80
ASN
#16509 AMAZON-02

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /track.php?domain=qetyvep.com&toggle=browserjs&uid=MTY4NjAxODYyNy41NDE0OmY5OGE3YTZlOTIyN2EyZWJkNTE3YjNmYjMzYTIzZmViMzQwMjBmYTE4ZWY0YmUzNGZjNjg4MzVjMTcxOWVjY2M6NjQ3ZTlhNDM4NDJmMg%3D%3D HTTP/1.1
Host: www1.qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Jun 2023 02:30:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

www1.qetyvep.com/ls.php?t=647e9a43&token=c956f0eacb2fefd6c5d5d189b3bd670e00cdffeb

13.248.148.254

201 Created

16 B

URL GET HTTP/1.1
www1.qetyvep.com/ls.php?t=647e9a43&token=c956f0eacb2fefd6c5d5d189b3bd670e00cdffeb
IP
13.248.148.254:80
ASN
#16509 AMAZON-02

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ls.php?t=647e9a43&token=c956f0eacb2fefd6c5d5d189b3bd670e00cdffeb HTTP/1.1
Host: www1.qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
Cookie: GoogleAdServingTest=Good
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 201 Created
Date: Tue, 06 Jun 2023 02:30:27 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 647e9a439619872a3a701017
Charset: utf-8
Access-Control-Allow-Origin: 
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_mGKUDisg87T4VEFTVwTe1BQVWRPJoRxc9BvXb3mJgTN39mIJKqQ6mON8usmnJUNyaI/WLYcLqfkIqfbVajzGgA==

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

54.230.245.8

200 OK

11 kB

URL GET HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
54.230.245.8:80
ASN
#16509 AMAZON-02

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11375 bytes)
Hash
0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Tue, 06 Jun 2023 01:25:07 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XNiprrJ-rdhFVhmA4bnPyvt8TPW6QesQasviGczggDadq7hzm7BTIA==
Age: 3920

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4213a8781121945333307a54d318355d
131499425454e1b0d402cb56534a5425feb8b9aa
6d874c13595072502141c93df344de38934313ac583be6569e370aa5a549a5e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 02:30:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530

216.58.207.228

200 OK

2.5 kB

URL GET HTTP/2
www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6248)
Size
2.5 kB (2514 bytes)
Hash
8be5cb0f2ec0f90edba149fa9717ac3e
64b019b6608d17d33e2cabbd1a4697ed92458038
d707d203d0b21fed7c97bf7f614508e4144f49710e06703d04660aacc0759f4b

HTTP Headers

GET /afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Tue, 06 Jun 2023 02:30:27 GMT
expires: Tue, 06 Jun 2023 02:30:27 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-f477y90X9JBJjefXM0OxmQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 2514
x-xss-protection: 0
set-cookie: NID=511=XGD8inp_jhkwFvCq_r6ikkgT38yq1stI3gtwDux31f9TNn2m5Ya9SQB9WSCxhCO_rD0E9GWSM4II2lVVXMzZiMbRoD6dJ5jW1_iDg_XaBr6-Q073hdiOjyo2ElIMdV_nqM8ooYAKdtgE4F2QIA5x_PeS1eUe19O4eQ2mUmhRriI; expires=Wed, 06-Dec-2023 02:30:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+645; expires=Thu, 05-Jun-2025 02:30:27 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
228335310e064064e595f506f85bce16
be51dc4247d0c1f4930bcb48acf84b684ab39c63
11e3db6caae7ff90f20e7edf253909003afc8243a8524190c1a7fa8f7d5e944a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 02:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c3877f8c5e69ab86800072785d542359
1696ca3d3c82f96f9044539d9194d0709205919e
cbafcae3cc98d92e14fa2a5d8c12238d9ae8765a2f2f14dd897b6eadd5019bb0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 02:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c3877f8c5e69ab86800072785d542359
1696ca3d3c82f96f9044539d9194d0709205919e
cbafcae3cc98d92e14fa2a5d8c12238d9ae8765a2f2f14dd897b6eadd5019bb0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 02:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/adsense/domains/caf.js

216.58.207.228

200 OK

54 kB

URL GET HTTP/3
www.google.com/adsense/domains/caf.js
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
ASCII text, with very long lines (2125)
Size
54 kB (54245 bytes)
Hash
7ac6b458bf8a2d304b8b3085be872ae5
a5dfb7b2ff78915e6205c70a0a8377e6248ec62b
5c0691c903b077d9654b0713b544c1bd06b578e14ae452e77c7cb78dcdbb5c0a

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 06 Jun 2023 02:30:28 GMT
expires: Tue, 06 Jun 2023 02:30:28 GMT
cache-control: private, max-age=3600
etag: "13656266738342309007"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.97

200 OK

174 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintAC:83:32:AA:E9:4D:2F:A2:F2:C9:F0:F3:7B:98:49:1B:5B:DE:7E:44
ValidityFri, 19 May 2023 12:57:31 GMT - Fri, 11 Aug 2023 12:57:30 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 17:41:57 GMT
expires: Tue, 06 Jun 2023 16:41:57 GMT
cache-control: public, max-age=82800
age: 31711
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www1.qetyvep.com/track.php?domain=qetyvep.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NjAxODYyNy41NDE0OmY5OGE3YTZlOTIyN2EyZWJkNTE3YjNmYjMzYTIzZmViMzQwMjBmYTE4ZWY0YmUzNGZjNjg4MzVjMTcxOWVjY2M6NjQ3ZTlhNDM4NDJmMg%3D%3D

76.223.26.96

200 OK

20 B

URL GET HTTP/1.1
www1.qetyvep.com/track.php?domain=qetyvep.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NjAxODYyNy41NDE0OmY5OGE3YTZlOTIyN2EyZWJkNTE3YjNmYjMzYTIzZmViMzQwMjBmYTE4ZWY0YmUzNGZjNjg4MzVjMTcxOWVjY2M6NjQ3ZTlhNDM4NDJmMg%3D%3D
IP
76.223.26.96:80
ASN
#16509 AMAZON-02

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /track.php?domain=qetyvep.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NjAxODYyNy41NDE0OmY5OGE3YTZlOTIyN2EyZWJkNTE3YjNmYjMzYTIzZmViMzQwMjBmYTE4ZWY0YmUzNGZjNjg4MzVjMTcxOWVjY2M6NjQ3ZTlhNDM4NDJmMg%3D%3D HTTP/1.1
Host: www1.qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Jun 2023 02:30:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c3877f8c5e69ab86800072785d542359
1696ca3d3c82f96f9044539d9194d0709205919e
cbafcae3cc98d92e14fa2a5d8c12238d9ae8765a2f2f14dd897b6eadd5019bb0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Jun 2023 02:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=6bi7e3uix5pc&aqid=Q5p-ZMTSNuKDxdwPweK-qAQ&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=536423577&csala=25%7C0%7C344%7C148%7C258&lle=0&ifv=1&usr=1

216.58.207.228

204 No Content

0 B

URL GET HTTP/3
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=6bi7e3uix5pc&aqid=Q5p-ZMTSNuKDxdwPweK-qAQ&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=536423577&csala=25%7C0%7C344%7C148%7C258&lle=0&ifv=1&usr=1
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=6bi7e3uix5pc&aqid=Q5p-ZMTSNuKDxdwPweK-qAQ&psid=8676772880&pbt=bs&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=536423577&csala=25%7C0%7C344%7C148%7C258&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-jnpuwWve9PT2k2NGqDzntA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 06 Jun 2023 02:30:30 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=RyaeRuzIxLHbUEQacpfFHZpMmtHrk3K9lK7xZovZDSLCXP-TfL7UMg91F8uyoURnoBt7XDsg1Wf7MUgnCYHNjAT_c7GhquY8SUN9N4UN21wnSC0exe3Isrn54Zz_HQpP6FbiOGGxWNFEtPeRgcHsCfaSN_WbGeyKVa-IHVmrMFM; expires=Wed, 06-Dec-2023 02:30:30 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+763; expires=Thu, 05-Jun-2025 02:30:30 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=n4dl0qcjl2cy&aqid=Q5p-ZMTSNuKDxdwPweK-qAQ&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=536423577&csala=25%7C0%7C344%7C148%7C258&lle=0&ifv=1&usr=1

216.58.207.228

204 No Content

0 B

URL GET HTTP/3
www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=n4dl0qcjl2cy&aqid=Q5p-ZMTSNuKDxdwPweK-qAQ&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=536423577&csala=25%7C0%7C344%7C148%7C258&lle=0&ifv=1&usr=1
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=n4dl0qcjl2cy&aqid=Q5p-ZMTSNuKDxdwPweK-qAQ&psid=8676772880&pbt=bv&adbx=375&adby=94&adbh=500&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=536423577&csala=25%7C0%7C344%7C148%7C258&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-SJGlSRlX8o5GfmnCPhQp0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 06 Jun 2023 02:30:30 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=v0LQR7NFLm1rA2-TNLdRdsDGt_o3kpWXjNmLhi7-sQ5WW66ooT11OvKLt8gri_3fntVxtAhOHCCV4dbKodqEtZY7CR6RkEuAQNUPKOuuWqvhxK3_MDE0i_MmKNkaSKha2zSV4w3rWiOm43FtKNdyjadi_WU103Ggd1tlomPyQvM; expires=Wed, 06-Dec-2023 02:30:30 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+842; expires=Thu, 05-Jun-2025 02:30:30 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www1.qetyvep.com/favicon.ico

0.0.0.0

0 B

URL GET
www1.qetyvep.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www1.qetyvep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www1.qetyvep.com/?tm=1&subid4=1686018620.0151490000
Pragma: no-cache
Cache-Control: no-cache

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

142.250.74.97

200 OK

391 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.qetyvep.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdlOWE0Mzg0MmQ1fHx8MTY4NjAxODYyNy41NDg0fGFkYTFjMzFhM2M5MDkzNmI2YzlmMWJlMjRkZDI2MzVlYTZmM2Q1NGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZzJNREU0TmpJd0xqQXhOVEUwT1RBd01EQWlmUT09fGM5NTZmMGVhY2IyZmVmZDZjNWQ1ZDE4OWIzYmQ2NzBlMDBjZGZmZWJ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2920222099909144&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301182%2C17301185&format=r3%7Cs&nocache=7751686018627248&num=0&output=afd_ads&domain_name=www1.qetyvep.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686018627250&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=760&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fwww1.qetyvep.com%2F%3Ftm%3D1%26subid4%3D1686018620.0151490000&adbw=master-1%3A530
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintAC:83:32:AA:E9:4D:2F:A2:F2:C9:F0:F3:7B:98:49:1B:5B:DE:7E:44
ValidityFri, 19 May 2023 12:57:31 GMT - Fri, 11 Aug 2023 12:57:30 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (406), with no line terminators
Size
391 B (391 bytes)
Hash
249bb4c6a37dfa60d6ecf838cada5020
4e56099d13b015804f79d1182f66982bc6e4662b
a2cebc2af2fd29cbee1ed7860ef5b12088b85259918d8bf2f2aaa99b915fa3f4

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 04:19:51 GMT
expires: Tue, 06 Jun 2023 03:19:51 GMT
cache-control: public, max-age=82800
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 79837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML